Setting up a firewall on your Linux system is an important step in securing your network. One tool that you can use to accomplish this is Uncomplicated Firewall (UFW). UFW is a user-friendly frontend for iptables, which is the standard Linux firewall. In this article, we will go over the steps to set up a firewall with UFW.
Step 1: Install UFW
To install UFW on your system, use the following command:
sudo apt-get install ufw
Step 2: Check UFW Status
Before you can start configuring your firewall, you need to check the status of UFW. Use the following command to do so:
sudo ufw status verbose
The output will indicate whether UFW is active or inactive. By default, UFW is disabled.
Step 3: Enable UFW
To enable UFW, use the following command:
sudo ufw enable
Step 4: Set Default Policies
Once UFW is enabled, you need to set the default policies for incoming and outgoing connections. Use the following commands to set the default policy to deny incoming connections and allow outgoing connections:
sudo ufw default deny incoming
sudo ufw default allow outgoing
Step 5: Add UFW Rules
Now that your firewall is set up, you can start adding rules to control which traffic is allowed to reach your system.
To allow incoming SSH connections on port 22, use the first command below; a port number works the same way, so the second command allows incoming traffic on port 2000:
sudo ufw allow ssh
sudo ufw allow 2000
To deny traffic on a specific port, use the following command:
sudo ufw deny 22
To restrict a rule to TCP or UDP, append the protocol to the port number or service name:
sudo ufw allow 80/tcp
sudo ufw allow http/tcp
sudo ufw allow 1725/udp
To allow connections from a specific IP address, use the following command:
sudo ufw allow from 10.10.10.25
To deny connections from a specific IP address, use the following command:
sudo ufw deny from 10.10.10.24
To allow connections from a specific subnet, use the following command:
sudo ufw allow from 198.51.100.0/24
To allow a specific source address to reach a specific port and protocol, use the following command:
sudo ufw allow from 198.51.100.0 to any port 22 proto tcp
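Steps 2 to 5 together produce a policy that is only safe to enforce if an allow rule for SSH exists before UFW is enabled; otherwise a remote host locks itself out. The following script is an added example, not part of the original article: it parses the text that ufw status verbose prints, checks that the defaults are deny (incoming) / allow (outgoing), and checks that some rule still allows inbound port 22 (or the OpenSSH application profile). The two status texts embedded in it are constructed samples so it runs without ufw installed; pass --live to read the real status instead.

```shell
#!/bin/sh
# Pre-flight check for a UFW policy, meant to run before "sudo ufw enable".
# It parses "ufw status verbose" output and reports whether the default
# policies are deny (incoming) / allow (outgoing) and whether a rule still
# admits inbound SSH. GOOD_STATUS and BAD_STATUS are constructed samples.

GOOD_STATUS='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    198.51.100.0/24
80/tcp                     ALLOW IN    Anywhere
22/tcp (v6)                ALLOW IN    Anywhere (v6)'

# The same host after "ufw default allow incoming" and "ufw deny 22": not safe.
BAD_STATUS='Status: active
Logging: on (low)
Default: allow (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     DENY IN     Anywhere
80/tcp                     ALLOW IN    Anywhere'

# ufw_defaults_ok STATUS_TEXT: succeeds only if the Default line is deny in / allow out.
ufw_defaults_ok() {
    printf '%s\n' "$1" | grep -q '^Default: deny (incoming), allow (outgoing)'
}

# ufw_allows_ssh STATUS_TEXT: succeeds only if a rule line for port 22 (22, 22/tcp
# or the OpenSSH profile) carries the action ALLOW IN. A DENY IN line does not count.
ufw_allows_ssh() {
    printf '%s\n' "$1" | grep -E '^(22|22/tcp|OpenSSH)[[:space:]]' | grep -q 'ALLOW IN'
}

# ufw_preflight STATUS_TEXT: prints one line per check; succeeds only if all pass.
ufw_preflight() {
    _rc=0
    if ufw_defaults_ok "$1"; then
        echo "ok   default policy is deny incoming / allow outgoing"
    else
        echo "FAIL default policy is not deny incoming / allow outgoing"
        _rc=1
    fi
    if ufw_allows_ssh "$1"; then
        echo "ok   an ALLOW IN rule for SSH (port 22) exists"
    else
        echo "FAIL no ALLOW IN rule for SSH; enabling UFW would cut off remote access"
        _rc=1
    fi
    return $_rc
}

# With --live, read the real status from ufw; otherwise use the constructed sample.
if [ "$1" = "--live" ]; then
    STATUS=$(sudo ufw status verbose)
else
    STATUS=$GOOD_STATUS
fi

echo "== checking policy =="
if ufw_preflight "$STATUS"; then
    echo "safe to run: sudo ufw enable"
else
    echo "fix the policy before running: sudo ufw enable"
fi
```

Run it as sh ufw-preflight.sh --live on the host you are about to protect; the matching on the Default line and on the rule lines is deliberately strict, so a status layout from a different ufw version that fails both checks should be read as "inspect by hand", not as "safe".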
Step 6: Advanced Rules
If you need to add more advanced or specific rules, you can use the following methods:
Add the rules to the /etc/ufw/before.rules file (before6.rules for IPv6) to have them evaluated before the rules you added from the command line.
There are also after.rules and after6.rules files for rules that should be evaluated after the command-line-added rules.
An additional configuration file, /etc/default/ufw, lets you enable or disable IPv6, set the default policies, and choose whether UFW manages the built-in firewall chains.
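To make the description of /etc/default/ufw concrete, here is an added fragment (not taken from the article) showing the keys that correspond to the three settings just named, with the values a deny-incoming / allow-outgoing policy uses. The ufw default commands from Step 4 rewrite the DEFAULT_INPUT_POLICY and DEFAULT_OUTPUT_POLICY keys here, so editing them by hand and running those commands are two routes to the same state.

```shell
# /etc/default/ufw (excerpt)

# Apply the rules to IPv6 as well as IPv4; set to no to leave IPv6 unfiltered by UFW.
IPV6=yes

# Default policies, equivalent to "ufw default deny incoming" and
# "ufw default allow outgoing". DROP silently discards, ACCEPT permits.
DEFAULT_INPUT_POLICY="DROP"
DEFAULT_OUTPUT_POLICY="ACCEPT"
DEFAULT_FORWARD_POLICY="DROP"

# Leave at no unless UFW is the only tool touching the built-in chains,
# otherwise it will reset chains that another tool populated.
MANAGE_BUILTINS=no
```

After editing this file, reload with sudo ufw reload so the new defaults take effect.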
Step 7: Remove UFW Rules
To remove rules, you can use the following command:
sudo ufw delete allow 80
This deletes the rule that allows HTTP traffic on port 80.
By following these steps, you can set up a firewall using UFW on your Linux system. Although UFW is a user-friendly tool, make sure you understand each command and its effect before running it on a production system, and review your firewall rules regularly so that they still match your current network and security needs. With UFW, you can easily add and remove rules, set default policies, and control inbound and outbound traffic to keep your system secure.