How To Configure Firewall with UFW in Ubuntu

In this tutorial, you will discover how to configure your Firewall, close ports or create rules in Ubuntu thanks to UFW.

Types of rules in the Firewall:

When we manage a firewall we can handle various types of rules for it, some of these are:

  • Control the number of connections.
  • Record the input and output events of connections.
  • Manage and manage user access.
  • Control which applications and programs can access the Internet.
  • Detection ports.

How to Enable UFW in Ubuntu 16

To verify the UFW status in Ubuntu 16, we access the terminal and execute the following command:

sudo ufw status

We can see that by default UFW is inactive.

To enable UFW in Ubuntu 16, we will use the following command. We can see that his state has changed and is now active since the system started.

sudo ufw enable

How to Set the Predefined Policies in Ubuntu 16

By default, UFW is designed to:

  • Deny all incoming connections.
  • Allow all outgoing connections.

This indicates that any user or person trying to access from outside the local network will not have access while a user or application within the local network may have connectivity anywhere in the external network.

To reconfirm these policies, we will use the following commands:

sudo ufw default deny incoming

sudo ufw default allow outgoing

Once the predefined rules have been validated again, we can restart the firewall using the following commands:

sudo ufw disable

sudo ufw enable

In this way, our firewall is ready to be configured in Ubuntu 16

How to configure UFW in Ubuntu 16

There are several tasks that we can run on the firewall in Ubuntu to control the security parameters of the system, some of these are:

Allow connections via SSH

We have verified that UFW by default restricts incoming connections to the system, so if we try to access the system using SSH, we would not have the possibility of access.
To enable access via SSH, we will use the following command:

sudo ufw allow ssh

This will allow us to create a rule on port 22, by default for SSH connections. We can enable the SSH with this command where we specify the SSH port directly:

sudo ufw allow 22

How to Open & Close Ports on Ubuntu 16 using UFW

The basic syntax that we must take into account to close a port and avoid that it is enabled to “listen” we can use the following:

sudo ufw deny (port_number)

Now, if we want to open a closed port in Ubuntu 16 for some management or requirement issue, we will use the following:

Sudo ufw allow (port_number)

Most Used Ports in Ubuntu

Remember some of the ports that we can use frequently in Ubuntu 16:

  • HTTPS: It allows us to establish secure connections and use port 443, so to allow it we can use any of the following options:
sudo ufw allow https

sudo ufw allow 443
  • HTTP: This option enables unsafe navigation, and its port is 80, so to allow it we can use any of the following options:
sudo ufw allow http

sudo ufw allow 80
  • FTP: This option will enable us to transfer files safely and its port is 21, so to allow it we can use any of the following options:
sudo ufw allow ftp

sudo ufw allow 21

Enable or deny a range of ports using UFW

We may want to allow a specific range of ports to have access to the system. For example, if we're going to enable X11(Remote) connections using the range of ports 6000-6005 we will use the following syntax.

sudo ufw allow 6000:6005/tcp

sudo ufw allow 6000:6005/udp

Allow access to a specific IP address

With UFW we can allow the access of an IP address specifically so that it has access to the system. For this we will use the following syntax:

sudo ufw allow from (IP_Adress)

If we wish to allow the TheLinuxCode IP address, we will enter the following:

sudo ufw allow from

We can also specify the port through which this address is to be connected using the following syntax.

sudo ufw allow from (IP_Adress) to any port (Port_Number)

Check default Policies

To check the status of the policies that we have implemented in UFW, we will use the following command. There we can see what policies have been established.

sudo ufw status verbose

Deny connections in UFW

At times it may be necessary to restrict the access of a specific connection, for this we will use the deny parameter. For example, to deny the HTTP connection, we will use the following command:

sudo ufw deny http

Delete Established Rules

At the moment we consider it necessary to eliminate some rules that have been created we must execute two actions:

First, we must list the rules we have created using the following command:

sudo ufw status numbered

There we will see all the established rules identified with a number which will be useful at the time of the elimination.

Now we define which rule has to be eliminated, and we will use the following command to remove it, in this case, we will delete rule 7:

sudo ufw delete 7

How to use UFW from Graphical Interface in Ubuntu 16

In Ubuntu 16 we can install a graphical interface called GUFW which will allow us to have the same actions from the command line, ut from a graphical environment.

To install this interface we will use the following command:

sudo apt-get install gufw

How to access GUFW in Ubuntu 16

We can access GUFW using the search in Ubuntu 16 entering the term gufw.

Once we access the tool we will have the following interface from where we can make all the necessary steps:

In this way we can use UFW to establish and control all the rules that we consider necessary to improve the security of our Ubuntu system and thus have the certainty of having a reliable tool that will offer great possibilities of administration on various parameters at the network level.

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *