Set up UFW firewall on Ubuntu 18.04

UFW stands for Uncomplicated Firewall and is used to manage firewall rules in Ubuntu. UFW simplifies the process of configuring the firewall. In this tutorial you will learn how to set up the UFW firewall on Ubuntu.

Prerequisites

Before you start configuring UFW on Ubuntu 18.04, you must have a non-root user account with sudo privileges on your server.

Before You Begin

UFW is installed in Ubuntu by default. If you have uninstalled it for some reason, install it with the following command:

sudo apt install ufw

Set up default policies

Most of the time your system needs only a few ports open for incoming connections, with all remaining ports closed. With UFW you can set this up with the following commands.

To deny all incoming connections, type the following in the terminal:

sudo ufw default deny incoming

To allow all outgoing connections, type the following in the terminal:

sudo ufw default allow outgoing

Adding rules

You can use a service name or a port number to add new rules. Adding rules in UFW is easy. The format for adding a new rule is:

sudo ufw ACTION PORT_NUMBER

In the above format, ACTION can be allow, deny, etc., and PORT_NUMBER is the numeric port value.

To allow incoming and outgoing connections on port 22 (SSH), execute the following command:

sudo ufw allow 22

Or you can also run

sudo ufw allow ssh

You can deny traffic on a certain port by typing

sudo ufw deny 112

Deleting rules

You can delete any rule added to UFW by executing the following command. In the following example, you delete the rule that allows connections on port 80:

sudo ufw delete allow 80

Adding advanced rules

To deny connections from specific IP address:

sudo ufw deny from 42.102.129.105

To allow connections from specific IP address:

sudo ufw allow from 42.102.129.105

Checking UFW status

You can check UFW status and all the rules by typing

sudo ufw status

The output should look like this:

Status: active

    To                         Action      From
    --                         ------      ----
    22                         ALLOW       Anywhere
    80/tcp                     ALLOW       Anywhere
    443                        ALLOW       Anywhere
    22 (v6)                    ALLOW       Anywhere (v6)
    80/tcp (v6)                ALLOW       Anywhere (v6)
    443 (v6)                   ALLOW       Anywhere (v6)
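
An added example, not part of the original tutorial: a small shell function that audits the status text shown above. It reports an inactive firewall, ports open to Anywhere that are missing from an allowlist, and rules with no protocol suffix, which ufw applies to both TCP and UDP. The names audit_ufw_status, page_sample and EXPECTED are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: audit the text printed by `sudo ufw status`.
# EXPECTED is an assumed allowlist of ports this server is meant to expose.
EXPECTED="22 80 443"

# Reads `ufw status` output on stdin, prints one finding per line.
# Only numeric "To" entries are checked; app-profile names are skipped.
audit_ufw_status() {
    awk -v expected="$EXPECTED" '
        BEGIN { n = split(expected, e, " "); for (i = 1; i <= n; i++) ok[e[i]] = 1 }
        $1 == "Status:" {
            seen = 1
            if ($2 != "active") print "FAIL firewall is " $2
            next
        }
        # Rule row layout: To [(v6)] Action From [(v6)]
        $1 ~ "^[0-9]+(/(tcp|udp))?$" {
            v6 = ($2 == "(v6)")
            action = v6 ? $3 : $2
            from = v6 ? $4 : $3
            if (action != "ALLOW" || from != "Anywhere") next
            fam = v6 ? "ipv6" : "ipv4"
            split($1, p, "/")
            if (!(p[1] in ok))
                print "WARN " fam " port " p[1] " open to Anywhere but not expected"
            if (p[2] == "")
                print "NOTE " fam " port " p[1] " has no protocol, so tcp and udp are both open"
        }
        END { if (!seen) print "FAIL no Status line found" }
    '
}

# Status text as shown on this page.
page_sample() {
    cat <<'EOF'
Status: active

    To                         Action      From
    --                         ------      ----
    22                         ALLOW       Anywhere
    80/tcp                     ALLOW       Anywhere
    443                        ALLOW       Anywhere
    22 (v6)                    ALLOW       Anywhere (v6)
    80/tcp (v6)                ALLOW       Anywhere (v6)
    443 (v6)                   ALLOW       Anywhere (v6)
EOF
}

page_sample | audit_ufw_status
```

On a live host, pipe the real output into the function instead of the sample: sudo ufw status | audit_ufw_status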

Enable UFW status

If the sudo ufw status command above reports the status as inactive, type the following in the terminal:

sudo ufw enable

To disable UFW:

sudo ufw disable

Logging in UFW

You can enable or disable logging in UFW. There are three logging levels in UFW: low, medium and high. The default log level is low.

To enable logging, type the following in the terminal:

sudo ufw logging on

Conclusion

You have successfully completed the tutorial on how to set up the UFW firewall on Ubuntu 18.04. If you have any queries regarding this, please don't forget to comment below.
