How to Set Up and Use a Basic Firewall on Linux
UFW (Uncomplicated Firewall) is a user-friendly front-end for managing iptables firewall rules on Linux systems. It simplifies the process of configuring and managing a firewall, making it suitable for beginners and advanced users alike. This guide will show you how to set up and use UFW to secure your Linux system.
Using UFW
Step 1: Open Terminal
Open the terminal by pressing Ctrl + Alt + T on your keyboard or by searching for it in the applications menu.
Step 2: Install UFW
UFW is usually installed by default on Ubuntu and its derivatives. If it’s not installed, you can install it using the package manager specific to your distribution:
On Debian/Ubuntu-based systems:
sudo apt update && sudo apt install ufw
On Fedora/RPM-based systems:
sudo dnf update && sudo dnf install ufw
On openSUSE systems:
sudo zypper install ufw
On Arch-based systems:
sudo pacman -Syu && sudo pacman -S ufw
Step 3: Enable UFW
Before enabling UFW, it’s a good idea to ensure that SSH connections are allowed to prevent being locked out of your system. To allow SSH connections, run:
sudo ufw allow ssh
Now, enable UFW by running:
sudo ufw enable
To check the status of UFW, run:
sudo ufw status verbose
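The allow rule in Step 3 only prevents a lockout if it matches the port sshd actually listens on: sudo ufw allow ssh opens 22/tcp. The following is an added example, not part of the original guide, that derives the allow rules from the configured SSH port(s) and prints the Step 3 commands in a safe order. The function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example: print the Step 3 commands using the SSH port(s) found in
# sshd configuration text, so a non-default sshd port is allowed before
# the firewall is enabled. Nothing here changes the firewall.

# Read sshd configuration on stdin and print one port per line.
# Accepts sshd_config text ("Port 2222") or the output of "sshd -T"
# ("port 2222"). Commented-out lines are ignored. Prints 22, the
# OpenSSH default, when no Port directive is present.
# Limitation: Include files and ListenAddress host:port are not followed;
# "sshd -T" output already has those resolved.
ssh_ports() {
    awk 'tolower($1) == "port" && $2 ~ /^[0-9]+$/ { print $2; n++ }
         END { if (!n) print 22 }'
}

# Read sshd configuration on stdin and print the commands in order:
# every SSH allow rule first, "ufw enable" only after them.
ufw_plan() {
    ssh_ports | while read -r port; do
        echo "sudo ufw allow $port/tcp"
    done
    echo "sudo ufw enable"
    echo "sudo ufw status verbose"
}

# Constructed sample (not from a real host): sshd moved to port 2222.
sample_config() {
    cat <<'EOF'
# Port 22
Port 2222
PermitRootLogin no
EOF
}

# Show the plan for the sample. On a real host, feed it the live
# configuration instead:
#   ufw_plan < /etc/ssh/sshd_config
#   sudo sshd -T | ufw_plan
sample_config | ufw_plan
```

Review the printed commands before running them; if the first line is not the port you are currently connected on, fix that before running sudo ufw enable.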
Step 4: Configure UFW Rules
You can configure UFW rules to allow or deny traffic based on various criteria, such as port number, protocol, or IP address.
To allow traffic on a specific port, use the following command:
sudo ufw allow [port_number]
For example, to allow HTTP traffic on port 80:
sudo ufw allow 80
To deny traffic on a specific port, use the following command:
sudo ufw deny [port_number]
For example, to deny FTP traffic on port 21:
sudo ufw deny 21
A rule given only a port number applies to both TCP and UDP. To limit a rule to one protocol, specify it (TCP or UDP) when creating the rule:
sudo ufw allow [port_number]/[protocol]
For example, to allow UDP traffic on port 53 (DNS):
sudo ufw allow 53/udp
Step 5: Delete UFW Rules
To delete a UFW rule, use the following command:
sudo ufw delete [rule]
For example, to delete the rule allowing HTTP traffic on port 80:
sudo ufw delete allow 80
Conclusion
UFW is a simple yet powerful tool for managing iptables firewall rules on Linux systems. By setting up and configuring UFW, you can enhance the security of your Linux system by controlling the traffic that enters and leaves it.