If you are using Ubuntu or any Linux
What is Firewall UFW iptables in Ubuntu?
Let's begin. A firewall can be software or hardware that protects and improves the security of computers connected to networks such as a LAN or the internet. The primary goal of any firewall is to monitor and block suspicious traffic requests and data packets. However, it is very important to configure and control your firewall effectively. We can use a combination of hardware and software to secure communications. There are different types of firewall, so we can choose one to suit the purpose, e.g. packet filters, application gateways, dynamic packet filters, circuit-level gateways and many more.
UFW stands for Uncomplicated Firewall. It was developed to provide a friendly framework for managing iptables, and it became the default firewall on systems like Ubuntu and Debian. Along with the command line, UFW has a GUI tool (gUFW) that makes firewall configuration easier.
What is iptables? It is the default rule-based firewall in most Linux-based operating systems. iptables defines rules for incoming and outgoing packets, which may contain important information.
Note that only root or a user with sudo privileges can manage the firewall.
As discussed, ufw should already be installed on Ubuntu. We can check whether ufw is installed on our system with the following command.
$ which ufw
If ufw is already installed on the system, the command returns the path to ufw.
Output /usr/sbin/ufw
If ufw is not installed, use the following command to install it.
$ sudo apt-get install ufw   # install ufw
Once installation is complete, check the ufw status (enabled / disabled).
$ sudo ufw status verbose
By default ufw is disabled. If it has not been activated before, the output looks like this:
Output Status: inactive
Now let's enable it.
$ sudo ufw enable
Output Firewall is active and enabled on system startup
Check the ufw status again. This time the output will be as follows.
$ sudo ufw status
Output
Status: active

To                         Action      From
--                         ------      ----
Apache Full                ALLOW       Anywhere
Apache Full (v6)           ALLOW       Anywhere
Configure ufw to support IPv6
If the system has both IPv4 and IPv6, we need to change a setting in the UFW configuration file. Open the configuration file and add the following line, or uncomment it if it is already there:
IPV6=yes
Set up default ufw policies.
The default ufw policies are a good starting point for both servers and desktops. It is always best practice to close all ports on a server and open only the ports that are required. Let's block all incoming connections and allow only outgoing connections.
$ sudo ufw default allow outgoing
Output Default outgoing policy changed to 'allow'
$ sudo ufw default deny incoming
Output Default incoming policy changed to 'deny'
Now we will see how to block or allow all network connections that originate from a specific IP address. We use 184.108.40.206 as an example. To block all network traffic, we use the deny command.
Syntax
$ sudo ufw deny from <Remote IP Address> to <Local IP Address> proto <Protocol> port <Port Number>
Block all network connections from IP address 220.127.116.11
$ sudo ufw deny from 18.104.22.168 to any
Let's see how we can block network traffic on a specific protocol and port.
$ sudo ufw deny from 22.214.171.124 to any proto tcp port 80
Let's add rules that allow an IP address to send all traffic, or traffic to specific network ports, using the ufw "allow" command.
Syntax
$ sudo ufw allow from <Remote IP Address> to <Local IP>
$ sudo ufw allow from 126.96.36.199
The firewall rule above allows all network connections from the mentioned IP address.
$ sudo ufw allow from 188.8.131.52 to 184.108.40.206
This rule allows all connections from IP address 220.127.116.11 only to IP address 18.104.22.168.
$ sudo ufw allow from 22.214.171.124 to any proto tcp port 80
This time, the rule above allows TCP traffic and opens port 80 only for the specified IP address.
The syntax for allowing or denying connections from a subnet is similar to that for a single IP address. The only difference is that we need to specify the netmask.
In the example below we allow access from the range of IP addresses 10.2.2.0 to 10.2.2.255 to the MySQL port (3306).
$ sudo ufw allow from 10.2.2.1/24 to any port 3306
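Before opening a database port to a subnet, it helps to confirm exactly which addresses the netmask covers. The script below is an added example, not part of the original post: the function names cidr_range and dotted are made up for illustration, and it shows that 10.2.2.1/24 names the same network as 10.2.2.0/24.

```shell
#!/bin/sh
# Added example (not from the original post): expand a CIDR source into its
# network form and the first/last address a ufw rule for it would cover.
# Function names are hypothetical helpers, not ufw commands.

# Convert a 32-bit integer to dotted-quad notation.
dotted() {
  printf '%d.%d.%d.%d' $(( ($1 >> 24) & 255 )) $(( ($1 >> 16) & 255 )) \
                       $(( ($1 >> 8) & 255 )) $(( $1 & 255 ))
}

# cidr_range ADDR/BITS -> prints "NETWORK/BITS FIRST LAST", returns 1 on bad input.
cidr_range() {
  addr=${1%/*}; bits=${1#*/}
  case $bits in ''|*[!0-9]*) return 1 ;; esac   # also rejects input without "/"
  [ "$bits" -le 32 ] || return 1
  old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    case $o in ''|*[!0-9]*) return 1 ;; esac
    [ "$o" -le 255 ] || return 1
  done
  ip=$(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
  mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
  net=$(( ip & mask ))                     # host bits cleared
  last=$(( net | (4294967295 ^ mask) ))    # host bits all set
  printf '%s/%s %s %s\n' "$(dotted "$net")" "$bits" \
         "$(dotted "$net")" "$(dotted "$last")"
}

cidr_range 10.2.2.1/24    # prints: 10.2.2.0/24 10.2.2.0 10.2.2.255
```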
Now let's look at how to delete ufw rules, because it is just as important as knowing how to create them. There are different ways to remove rules from ufw: we can remove a rule by its number or by the actual rule. Let's start with the easier way, deleting by rule number.
By rule number
To delete ufw firewall rules by number, we first need to list all rules with their numbers. The following command with the numbered option displays a number next to each rule.
$ sudo ufw status numbered
Output
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Apache Full                ALLOW IN    Anywhere
[ 2] Apache Full                DENY IN     126.96.36.199
[ 3] Apache Full (v6)           ALLOW IN    Anywhere
Suppose we want to delete rule number 2, which blocks connections from IP address 188.8.131.52. We can pass the rule number to the ufw delete command as follows. As a safeguard, it asks for confirmation before deleting the rule.
$ sudo ufw delete 2
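The numbered listing also shows rule order, which matters because ufw applies the first rule that matches: a DENY listed after an ALLOW from Anywhere for the same destination never takes effect. The script below is an added example, not part of the original post. It flags such shadowed rules in a constructed listing, comparing only rules whose "To" column is identical; the function names and the address 203.0.113.7 are placeholders.

```shell
#!/bin/sh
# Added example (not from the original post): flag DENY/REJECT rules that can
# never match because an earlier ALLOW from Anywhere has the same "To" value.

# Constructed sample in the layout of `ufw status numbered`; 203.0.113.7 is a
# documentation address used as a placeholder.
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Apache Full                ALLOW IN    Anywhere
[ 2] Apache Full                DENY IN     203.0.113.7
[ 3] Apache Full (v6)           ALLOW IN    Anywhere (v6)
EOF
}

# Reads a numbered listing on stdin and prints "DENY_NUM ALLOW_NUM" for each
# deny that sits behind an ALLOW from Anywhere with the same "To" column.
shadowed_denies() {
  awk '
    /^\[ *[0-9]+\]/ {
      line = $0
      num = line; sub(/^\[ */, "", num); sub(/\].*/, "", num)
      sub(/^\[ *[0-9]+\] */, "", line)          # drop the "[ N]" prefix
      if (!match(line, / +(ALLOW|DENY|REJECT|LIMIT) +(IN|OUT) +/)) next
      to   = substr(line, 1, RSTART - 1)        # may contain spaces
      act  = substr(line, RSTART, RLENGTH)
      gsub(/ +/, " ", act); gsub(/^ | $/, "", act)
      from = substr(line, RSTART + RLENGTH); sub(/ +$/, "", from)
      if (act == "ALLOW IN" && from ~ /^Anywhere/) {
        if (!(to in open)) open[to] = num       # remember the first open rule
      } else if ((act == "DENY IN" || act == "REJECT IN") && (to in open)) {
        print num, open[to]
      }
    }'
}

sample_status | shadowed_denies   # prints: 2 1
```

On a live system the input would come from `sudo ufw status numbered`. A deny meant to override a broad allow has to sit above it, which `ufw insert 1 deny from <address>` does.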
By actual rule
Now let's delete a rule by specifying the original rule after the ufw delete command. As an example, add one more rule and then delete it.
$ sudo ufw allow from 192.168.1.1 to any proto tcp port 22
Execute the following command to delete the rule above.
$ sudo ufw delete allow from 192.168.1.1 to any proto tcp port 22
Delete all rules
The following command removes all firewall rules and also disables the firewall.
$ sudo ufw reset
Output
Resetting all rules to installed defaults. Proceed with operation (y|n)? y
Backing up 'user.rules' to '/etc/ufw/user.rules.20200730_185856'
Backing up 'before.rules' to '/etc/ufw/before.rules.20200730_185856'
Backing up 'after.rules' to '/etc/ufw/after.rules.20200730_185856'
Backing up 'user6.rules' to '/etc/ufw/user6.rules.20200730_185856'
Backing up 'before6.rules' to '/etc/ufw/before6.rules.20200730_185856'
Backing up 'after6.rules' to '/etc/ufw/after6.rules.20200730_185856'
Any rules that we created with ufw will no longer be active, so to activate the firewall again we need to run sudo ufw enable
I hope you got an answer to our question, What is Firewall UFW iptables in Ubuntu? We covered basic ufw and its features. We will discuss more advanced ufw topics in our next post. Please visit again and send your valuable comments and feedback to improve our content.