UFW Firewall: Essential Commands and Rules for Ubuntu Users

UFW stands for Uncomplicated Firewall and is a lightweight and easy-to-use firewall configuration tool for Ubuntu and other Linux distributions such as Arch Linux, CentOS, and Linux Mint. It provides a simple way to manage incoming and outgoing traffic and can be used to secure your system from unauthorized access and attacks.

UFW is the most important feature to secure your Linux virtual private server by enabling. This feature helps filter malicious activities in the server.

In this post, we will discuss how to set up and configure UFW on Ubuntu, and how to use it to create firewall rules to protect your system. UFW is installed by default in Ubuntu you need to enable this feature.

Setting Up Uncomplicated Firewall

UFW is a user-friendly frontend for the iptables firewall, a powerful but complex firewall configuration tool. UFW provides an interface for managing firewalls, making it more accessible to users. The following describes below that how UFW works in the Ubuntu system:

UFW comes pre-installed on Ubuntu systems, but it is disabled by default. To enable UFW, you can run the following command:

sudo ufw enable

This will enable UFW and start the firewall service. By default, UFW is configured to stop all incoming traffic and allow all outgoing traffic. This means that no one will be able to connect to your system from the outside, but you will be able to connect to other systems and services on the internet.

You can also disable the UFW by typing the following command:

sudo ufw disable

Creating and Managing Firewall Rules

When it comes to understanding the creating and managing rules you must be familiar with ports and applications, To specify the source IP address and destination IP address as the protocols, and finally an action that you want to allow or deny the traffic.

Creating firewall rules

To create firewall rules, you can use the following commands:

1. This will allow incoming traffic on the specified port.

sudo ufw allow <port>

2. This will block incoming traffic on the specified port.

sudo ufw deny <port>

3. This will allow incoming and outgoing traffic for the specified application.

sudo ufw allow <application>

4. This will block incoming and outgoing traffic for the specified application.

sudo ufw deny <application>

Now as above description, for example, to allow incoming traffic on port 22 a default SSH port, you would run the following command:

sudo ufw allow 22

To block incoming traffic on port 80 which is the HTTP port, you would run the following command:

sudo ufw deny 80

You can also create more complex firewall rules by using the -s and -d options to specify the source and destination addresses or networks. For example, to allow incoming traffic on port 22 from the IP address 192.168.1.100, you would run the following command:

sudo ufw allow 22 -s 192.168.1.100

To block incoming traffic on port 80 from the IP address 192.168.1.200, you would run the following command:

sudo ufw deny 80 -s 192.168.1.200

Managing firewall rules

Once you have created some firewall rules, you can use the following commands to manage them:

1. This will display the current status of UFW and its firewall rules.

sudo ufw status

2. This will list all of the current firewall rules.

sudo ufw list rules

3. This will delete the specified firewall rule.

sudo ufw delete <rule number>

4. This will reset UFW to its default configuration.

sudo ufw reset

Always start by setting the default policies for UFW. By default, UFW will deny all incoming traffic and allow all outgoing traffic. You can change these defaults using the following command:

sudo ufw default <Args>

Best Practices for UFW

Here are some best practices in configuration UFW to protect your Ubuntu system:

• Only open the ports that you need. The more ports that you open, the more vulnerable your system is to attack.
• Use specific IP addresses or networks whenever possible. This will help to reduce the risk of unauthorized access.
• Keep your firewall rules up to date. As new applications and services are installed, you may need to create new firewall rules to allow traffic for them.
• Monitor your firewall logs regularly. This will help you to identify any suspicious activity.

Conclusion

UFW is a powerful and important firewall configuration tool. By setting up and configuring UFW rules, you can control which ports and services are open to incoming traffic. It provides a simple interface for managing firewall rules, and it includes a number of pre-defined rules for common applications and services. This makes it easier to manage your firewall and ensures that your system remains protected.