Linux

UFW Linux Firewall Cheatsheet

writer
4 Min Read

UFW Linux Firewall Cheatsheet

A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet. A firewall’s main purpose is to allow non-threatening traffic in and to keep dangerous traffic out.

Contents

 

Install

To install UFW if you don't already have it, run:


 

This tutorial assumes you are using Debian or Ubuntu.

 

Enable UFW

UFW is disabled by default in Ubuntu and you have to enable it

 

Disable UFW

 

You probably don't want to just enable it for one session, but to start up at boot. To do this, edit the configuration file:

change ENABLED=no to ENABLED=yes

 

Get Status / Rules

If you want the output to be numbered, so you know the rule IDs:

 

Default Deny

You probably want UFW to deny everything by default and add whitelist exceptions later.


 
Open/Unblock Port

To allow a any ip and protocol on a certain port:

 

Allow Protocol on Port

example:

 

Allow IP Complete Access

 

Allow IP Range

example:

 

Allow IP Range On One Port

The following could be useful if you wanted to give an IP the ability to connect to the database port, but not SSH for example. It seems strange, but you need to use to any port to allow specifying the port.


 

Block an IP

The insert 1 is important, and ensures that the rule is injected at the front of the list of rules. Otherwise, if there was another rule that would accept the connection, e.g. “allow on port 80”, then UFW would accept the connection instead of blocking it. UFW does not have a concept of specificity, only the order of the rules.

If that doesn't work, it might be because you have no rules. In which case use:

 

Block Outgoing To IP

Today I needed to block my web browser going to an IP address in order to test something. The previous rule for blocking an IP just blocks incoming traffic, but in this case we want to block outgoing traffic.

 

Deleting Rules

There are many ways to delete rules in UFW, but the simplest way is to list the rules with their numbers/indexes and then delete by index with the following two commands:

 

You Might Also Like

Monitoring File & Directory Changes using Bash Script

Vulnerability Checker CVE-2024-3094

Unleashing the Potential of Knowledge Management with Wiki.js

How to Install Apache Guacamole with Docker Compose

Unlocking Seamless Remote Access: Exploring the Power of Apache Guacamole

TAGGED: , , ,
Share This Article
Previous Article Install RabbitMQ on CentOS 7 Install RabbitMQ on CentOS 7
Next Article How to set up a VPN Site to Site (VPN S2S) between StrongSwan and Cloud VPN How to set up a VPN Site to Site (VPN S2S) between StrongSwan and Google Cloud VPN
6 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest News

bash
Monitoring File & Directory Changes using Bash Script
Linux Application
vulnerability
Vulnerability Checker CVE-2024-3094
Linux
wiki.js
Unleashing the Potential of Knowledge Management with Wiki.js
Application Linux
Install Apache Guacamole
How to Install Apache Guacamole with Docker Compose
Application Linux