Part 8: UFW (Uncomplicated Firewall) in Linux

Ansh Balan

Firewalls are an essential component of system security, and Linux provides a straightforward tool called UFW (Uncomplicated Firewall) to manage firewall rules easily. In this part, we will explain what UFW is, its purpose, and some commonly used UFW commands.


What is UFW?

UFW stands for Uncomplicated Firewall. It is a user-friendly command-line interface for managing firewall rules in Linux systems. UFW simplifies the process of configuring and managing iptables, the underlying framework used for packet filtering in Linux.

What is UFW Used For?

UFW is used to:

  • Control network traffic to and from a system.

  • Allow or block specific ports and services.

  • Enhance security by minimizing exposure to unauthorized access.


Commonly Used UFW Commands

1. Check UFW Status

sudo ufw status

This command displays the current status of the firewall (active or inactive) and lists all active rules.

Example Output:

Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere

2. Allow SSH Connections

sudo ufw allow ssh

This allows incoming SSH connections (default port 22) to the system. SSH is critical for remote system management.

Equivalent Command:

sudo ufw allow 22/tcp

This explicitly opens TCP port 22 for SSH.

3. Enable the Firewall

sudo ufw enable

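This activates the firewall and applies all defined rules. When the command is run over an SSH session, UFW asks for confirmation first, because enabling the firewall without an SSH allow rule (step 2) would cut off the connection.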

Example:

Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup

4. Set Default Policies

sudo ufw default deny incoming
sudo ufw default allow outgoing

These commands set the default behavior of the firewall:

  • Deny all incoming traffic: Blocks any connection unless explicitly allowed.

  • Allow all outgoing traffic: Permits all outgoing connections by default.

This configuration is ideal for securing a system while maintaining outgoing connectivity.

5. Allow Specific Ports or Ranges

Allow Traffic to a Specific Port

sudo ufw allow 80/tcp

This allows incoming traffic on port 80 (commonly used for HTTP).

Allow Traffic to a Port Range

sudo ufw allow 1000:2000/tcp

This allows incoming TCP traffic on all ports in the range 1000 to 2000.

Allow Traffic From a Specific IP Address

sudo ufw allow from 192.168.1.100

This allows all incoming traffic from the IP address 192.168.1.100.

Allow Traffic From a Specific IP Address to a Port

sudo ufw allow from 192.168.1.100 to any port 22

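This allows incoming traffic to port 22 (SSH) from the IP address 192.168.1.100. It limits SSH to that address only when no broader rule, such as sudo ufw allow ssh from step 2, is also present.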
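An added example, not part of the original article: a shell function that reads the text printed by sudo ufw status and flags rules that are broader than intended, including the case where the open SSH rule from step 2 makes the per-IP rule above redundant. The function names and the sample status text are constructed for illustration.

```shell
# Added example (not from the original article): audit `ufw status` text.
audit_ufw_status() {
  awk '
    function report(msg) { if (!seen[msg]++) print msg }
    /^Status: inactive/ { report("CRITICAL firewall is inactive"); next }
    !/ (ALLOW|LIMIT)( IN)? / { next }      # skip headers and non-allow rules
    {
      line = $0
      gsub(/ \(v6\)/, "", line)            # treat IPv6 twins like the IPv4 rule
      sub(/[ \t]+$/, "", line)
      split(line, col, /  +/)              # columns are padded with 2+ spaces
      to = col[1]; from = col[3]
      port = to; sub(/\/.*/, "", port)     # "22/tcp" -> "22"
      if (to == "Anywhere" && from != "Anywhere") {
        report("WARN every port is open to " from)
      } else if (from == "Anywhere" && port == "22") {
        ssh_open = 1
        report("WARN SSH (" to ") is reachable from any address")
      } else if (from == "Anywhere" && port ~ /:/) {
        report("WARN port range " to " is open to any address")
      } else if (port == "22") {
        ssh_scoped = from
      }
    }
    END {
      if (ssh_open && ssh_scoped != "")
        report("INFO port 22 rule for " ssh_scoped " restricts nothing: SSH is already open to all")
    }
  '
}

# Constructed sample: what the rules from steps 2 and 5 would produce together.
sample_status() {
  cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
1000:2000/tcp              ALLOW       Anywhere
Anywhere                   ALLOW       192.168.1.100
22                         ALLOW       192.168.1.100
22/tcp (v6)                ALLOW       Anywhere (v6)
EOF
}

sample_status | audit_ufw_status
```

On a live system the input would come from sudo ufw status piped into audit_ufw_status.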

6. Reset UFW Configuration

sudo ufw reset

This command disables the firewall, deletes all rules, and resets UFW to its default settings. Use this to start with a clean configuration.

Example Output:

Resetting all rules to installed defaults. Proceed with operation (y|n)? y
Backing up 'user.rules' to '/etc/ufw/user.rules.20231221_101010'
Backing up 'before.rules' to '/etc/ufw/before.rules.20231221_101010'
Firewall stopped and disabled on system startup

Summary of Commands

Command                                        Description
-------                                        -----------
sudo ufw status                                Check the current status of the firewall.
sudo ufw allow ssh                             Allow incoming SSH connections.
sudo ufw enable                                Activate the firewall.
sudo ufw default                               Set default policies (e.g., deny incoming, allow outgoing).
sudo ufw allow from <IP> to any port <port>    Allow traffic from a specific IP to a specific port.
sudo ufw reset                                 Reset UFW to default settings.

UFW is an essential tool for managing firewall rules and securing your Linux system. Its simplicity makes it a favorite among both novice and experienced users. Try these commands to configure and enhance your system's security.
