UFW (Uncomplicated Firewall) on Linux
UFW (Uncomplicated Firewall) is a simple but powerful tool for managing firewall rules on Linux. It provides a straightforward interface for managing iptables, letting us allow or deny any connection we wish. UFW acts as a barrier and greatly simplifies the process of configuring our firewall on Linux, increasing the security of our system. UFW helps protect against unauthorized access, network attacks, and other vulnerabilities, and applies a default-deny policy to all incoming connections.
Most systems will have this already installed; if not, simply issue the following command:
On Debian/Ubuntu:
sudo apt update
sudo apt install ufw
On Fedora:
sudo dnf install ufw
On Arch:
sudo pacman -S ufw
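Issue the following command to enable UFW on your system. If you are connected to the machine over SSH, add the SSH allow rule shown further down before enabling, because the default policy denies incoming connections: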
sudo ufw enable
Check the status of your firewall at any time using this command:
sudo ufw status verbose
To allow or deny specific traffic:
Allow SSH (Port 22 by default) – If you plan to remote into the machine via SSH, you’ll want to allow for incoming SSH connections:
sudo ufw allow ssh
Allow HTTP (port 80) to allow HTTP traffic for web servers:
sudo ufw allow http
Allow HTTPS (port 443) to allow for HTTPS traffic for web servers:
sudo ufw allow https
You can allow a specific IP address:
sudo ufw allow from 192.168.1.103
To specify a range of ports to allow, for example ports 5000-5100:
sudo ufw allow 5000:5100/tcp
You can also deny specific ports or IP addresses:
sudo ufw deny from 192.168.1.103
To deny a specific port (this example blocks port 23, which is used for Telnet):
sudo ufw deny 23
Enable logging:
sudo ufw logging on
To delete rules, simply use the ‘delete’ command like this:
sudo ufw delete allow ssh
You can also list the ufw rules to see which ones you may want to delete:
sudo ufw status numbered
sudo ufw delete [rule number]
To disable UFW (useful for troubleshooting, best to re-enable once complete so that it stays active):
sudo ufw disable
You can also rate limit connections, for example incoming SSH connections, to help prevent brute force attacks. If this is on a webserver, you’ll also want to consider tools such as Fail2Ban to further protect your machine:
sudo ufw limit ssh
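To check that a machine actually ends up in the state described above (firewall active, incoming denied by default, logging on, SSH rate limited, Telnet closed), the following added example audits the text printed by sudo ufw status verbose. It is not part of the original article; the function name audit_ufw_status and both sample outputs are constructed for illustration, and it assumes rules written with numeric ports.

```shell
# Added example: checks `ufw status verbose` text against the advice above.
# Real use: sudo ufw status verbose | audit_ufw_status
# Assumes numeric-port rules; app profile names like "OpenSSH" are not matched.
audit_ufw_status() {   # hypothetical helper; prints one finding per line
  awk '
    { gsub(/ \(v6\)/, "") }            # fold IPv6 rows into the same shape
    /^Status:/  && $2 == "active" { active = 1 }
    /^Logging:/ && $2 == "on"     { logging = 1 }
    /^Default:/ && ($2 == "deny" || $2 == "reject") { deny_in = 1 }
    # Rule rows: To, Action (two words in verbose mode), From
    $2 == "ALLOW" && $3 == "IN" {
      if ($1 ~ /^22(\/tcp)?$/ && $4 == "Anywhere") ssh_open = 1
      if ($1 ~ /^23(\/tcp)?$/) telnet_open = 1
    }
    END {
      if (!active)     print "FAIL firewall is not active"
      if (!deny_in)    print "FAIL default incoming policy is not deny"
      if (!logging)    print "WARN logging is off"
      if (ssh_open)    print "WARN ssh is ALLOW from Anywhere, not LIMIT"
      if (telnet_open) print "FAIL telnet (port 23) is allowed in"
    }'
}

sample_hardened() {   # constructed output: rules from this article applied
  cat <<'EOF'
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
To                         Action      From
22/tcp                     LIMIT IN    Anywhere
80/tcp                     ALLOW IN    Anywhere
Anywhere                   ALLOW IN    192.168.1.103
23                         DENY IN     Anywhere
22/tcp (v6)                LIMIT IN    Anywhere (v6)
EOF
}

sample_weak() {       # constructed output: permissive configuration
  cat <<'EOF'
Status: active
Logging: off
Default: allow (incoming), allow (outgoing), disabled (routed)
22/tcp                     ALLOW IN    Anywhere
23                         ALLOW IN    Anywhere
EOF
}

sample_hardened | audit_ufw_status   # no findings
sample_weak | audit_ufw_status       # four findings
```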
—
GUFW (Graphical User Interface UFW)
Don’t want to use the terminal? You can install a GUI version of UFW for easier point and click if you prefer. Simply run the following command to install it on your system:
sudo apt install gufw
That’s it! Open GUFW from your Applications menu to toggle the firewall on or off.