How to Setup UFW firewall on Debian 10

How to Setup UFW firewall on Debian 10
How to Setup UFW firewall on Debian 10

Setup UFW firewall on Debian 10

UFW stands for uncomplicated firewall used to manage firewall rules in Debian. UFW simplifies the process of configuring the firewall. In this tutorial, you will learn how to setup the UFW firewall on Debian.

Prerequisites

Before you start to configure UFW on Debian 10. You must have the non-root user account on your server with sudo privileges.

Before You Begin

Install UFW by using the following command

sudo apt install ufw

Set up default policies

Most of the time your system needs to have only some ports open for incoming connections and closed all remaining ports. With UFW you can set these things by using the following commands

To deny all incoming connections type following in the terminal

sudo ufw default deny incoming

To allow all outgoing connections type following in terminal.

sudo ufw default allow outgoing

Adding rules

You can service name or port number to add new rules. It’s very much easier to add rules in UFW. Following is the format to add new rules

sudo ufw ACTION PORT_NUMBER

In the above format, ACTION can be allowed, deny, etc. and PORT_NUMBER is the numeric value.

To Allow incoming and outgoing connection on port 22(SSH) execute the following command

sudo ufw allow 22

Or you can also run

sudo ufw allow ssh

You can deny traffic on a certain port by typing

sudo ufw deny 112

Deleting rules

You can delete any of the rules added to ufw by executing the following command.
In the following example, you are going to delete rule which allows connection on port number 80

sudo ufw delete allow 80

Adding advanced rules

To deny connections from specific IP address:

sudo ufw deny from 42.102.129.105

To allow connections from specific IP address:

sudo ufw allow from 42.102.129.105

Checking UFW status

You can check UFW status and all the rules by typing

sudo ufw status

Output should be

Status: active

    To                         Action      From
    --                         ------      ----
    22                         ALLOW       Anywhere
    80/tcp                     ALLOW       Anywhere
    443                        ALLOW       Anywhere
    22 (v6)                    ALLOW       Anywhere (v6)
    80/tcp (v6)                ALLOW       Anywhere (v6)
    443 (v6)                   ALLOW       Anywhere (v6)

Enable UFW status

If above sudo ufw status command gives status inactive type following in the terminal

sudo ufw enable

to disable UFW status

sudo ufw disable

Logging in UFW

You can enable or disable logging in UFW. There are three levels for logging in ufw low, medium, high. the default log level is low.

You can enable logging. type following in the terminal

sudo ufw logging on

Conclusion

Here successfully completed the tutorial on how to setup the UFW firewall on Debian 10. If you have any queries regarding this then please don’t forget to comment below.

LEAVE A REPLY

Please enter your comment!
Please enter your name here