UFW (Uncomplicated FW)
Last updated
Last updated
UFW (Uncomplicated Firewall) is a simple and user-friendly front-end for managing firewall rules on Linux systems. It helps users configure iptables (the underlying firewall) with easy-to-understand commands, primarily for securing a system by allowing or denying incoming and outgoing network traffic. UFW is a fairly simple firewall to manage and we will secure it in this section.
We need to enable the ufw first , To enable and manage we will use the following command :
WARNING : If accessing using SSH , Then create ssh allow rule before enabling the firewall to avoid loosing access
$> sudo ufw enable # Enables the ufw
$> sudo ufw disable # Disables the ufw
$> sudo systemctl status ufw ## UFW Service status
$> sudo systemctl stop/start/restart ufw ## Basic Management
$> sudo ufw status # Displaying rules and ufw statusThe basic config file of ufw is located in /etc/ufw/sysctl.conf & /etc/defaults/ufw, If you need better control you can edit this file accordingly.
We will firstly disabling the ufw to set some basic configurations to deny all incoming requests and allow all outgoing access
$> sudo ufw default deny incoming
$> sudo ufw default allow outgoingWe have sucessfully done some basic configuration of the ufw firewall now we will start adding rules .
Rules are the policies configured on ufw to allow or deny any connections on the server.
$> sudo ufw allow ssh
# OR
$> sudo ufw allow 22 # PORT BASEDWe can also allow other services using same systax
$> sudo ufw allow from 10.10.10.10$> sudo ufw allow from 10.10.10.10 to any port 22
$> sudo ufw allow from 10.10.10.0/24 to any port 22 ## Network WhitelistingTo delete rules or reset the ufw comeletely we can do this with the following command
To view the rules currently applied on the firewall
$> sudo ufw status numberedLets say we need to delete rule no 1 then we can do it with :
$> sudo ufw delete 2Now lets say we need to reset the ufw we can simpley do this with the following command :
$> sudo ufw reset