Ubuntu

    How to Setup Ubuntu Firewall Easily

    Rajesh ShivamBy Updated:1 Comment5 Mins Read
    Ubuntu Firewall

    UFW (Uncomplicated Firewall) is the default firewall configuration tool for Ubuntu. It comes with a user-friendly front-end or command driven tool for managing iptables firewall rules easily. In this tutorial, I am explaining how to setup an Ubuntu firewall easily, without much deep knowledge about networking.

    Before installing the UFW firewall, let’s have a look at firewall importance.

    Why Firewall is Important

    A firewall is an essential part of any system to restrict unauthorized access to the network. It helps you to protect your important data. A firewall controls the inbound and outbound traffic of a system. If you are using a Ubuntu based web server, then it is always recommended to set up a firewall during LAMP stack setup.

    How to Setup Ubuntu Firewall

    In Ubuntu, the firewall can be set up using the command line or GUI method. Let’s configure firewall using command line

    Step 1: Install firewall

    UFW is installed by default on Ubuntu, If it is uninstalled for some reason. You can install UFW by using this command.

    $ sudo apt install UFW

    Step 2: Set Default Policies for Firewall

    This part is very crucial, as this part will control the flow of traffic that does not match explicitly with any other rule. By default, UFW denies all incoming connections and allows outgoing connections. In this state, if any one trying to connect your server is not able to connect. Whereas applications hosted on the server are able to reach the outside world.

    To set the above rules, run the following commands.

    $ sudo ufw default deny incoming
$ sudo ufw default allow outgoing

    Step 3: Allow SSH connections

    If you are using any cloud server or VPS, you may need to connect your server using SSH to manage your server. To allow SSH, run the following command.

    $ sudo ufw allow ssh

    This command will allow all connections to the server on port 22, by default SSH daemons use port 22. All the ports were listed as a service in the /etc/services file.

    You can write equivalent rules by using ports also.

    Sometimes the SSH daemon is configured with a different port for security purposes. In that case write port number instead of service. For example,

    $ sudo ufw allow 2222

    [Always add SSH rules before enable UFW on Ubuntu, otherwise you are not able to connect your server via SSH]

    Step 4: Enable UFW on Ubuntu

    To enable UFW, run the following command.

    $ sudo ufw enable

    A warning message will appear that says that command may disrupt the existing ssh connection. As you already added SSH rules to the UFW, continue with the command to enable UFW. Type y and press Enter on the keyboard.

    Ubuntu Firewall

    Now, the firewall is activated. Check the status of the ubuntu firewall with all the rules, run the following command.

    $ sudo ufw status verbose

    Above command will show the firewall configuration details, as below

    Ubuntu Firewall

    Step 5: Enable Other Connections

    According to your requirement, you can enable other ports as well. Let’s enable http and https rules on UFW. By default, HTTP uses port 80(unencrypted). To enable HTTP, you can run either service name or port number.

    $ sudo ufw enable http

or

$ sudo ufw enable 80

    Again, by default HTTPS uses port 443(encrypted). To enable HTTPS, you can run either service name or port number.

    $ sudo ufw enable https

Or 

$ sudo ufw enable 443

    List of Commonly Used Network Ports

    Service NamePortTransport protocol
    Secure Shell (SSH)22TCP and UDP
    File Transfer Protocol (FTP)21TCP
    Simple Mail Transfer Protocol (SMTP)25TCP
    HyperText Transfer Protocol (HTTP)80TCP
    HTTP with Secure Sockets Layer (SSL)443TCP and UDP
    Remote Desktop Protocol(RDP)3389TCP and UDP
    Telnet23TCP

    How to Enable Port Ranges

    Some applications need multiple ports to operate. You can enable port ranges with UFW by following commands.

    $ sudo ufw allow 6000:6007/tcp
$ sudo ufw allow 6000:6007/udp

    (When specify port ranges, you need to mention tcp or udp to apply)

    How to Enable Specific IP

    Sometimes, you may need to enable specific IP with UFW to allow access to the server. The command you need to run for adding to the UFW.

    $ sudo ufw allow from 13.235.242.172

    You can also allow specific port to the IP by following command.

    $ sudo ufw allow from 13.235.242.172 to any port 22

    How to Disable Ubuntu Firewall

    You can easily disable UFW by using the following command.

    $ sudo ufw disable

    If you want to reset your UFW rules, use the following command.

    $ sudo ufw reset

    Conclusion

    A complete step by step guide to setup Ubuntu firewall. Follow this article thoroughly to complete UFW setup on Ubuntu. If you have any doubts feel free to contact me, I will definitely try to help you. Also, you can join our elite facebook group to get direct help from me. If you like this tutorial, please share this article on your social media handle.

    Share.

    Rajesh Shivam is a seasoned professional with expertise in AWS and Linux System Administration. With over 10 years of freelancing experience, he brings a wealth of knowledge to the table. Rajesh has a strong passion for technology and stays connected with the latest happenings in the field. His dedication and expertise make him a trusted resource for all things tech-related.

    Related Posts

    View 1 Comment

    1 Comment

    1. AntonioKeS on

      For example, if the firewall is set to allow SSH port connections from anywhere, the output might look something like this: Use the command if you want to check how UFW has configured the firewall. You can always run if you need to activate it later.

      Reply

    Leave A Reply