How to Use the Command 'ufw' (with Examples)

The Uncomplicated Firewall (ufw) is a user-friendly interface for managing firewall configurations on Linux systems. It serves as a frontend to iptables, simplifying the task of configuring a firewall through a more human-readable syntax. ufw is widely used in Ubuntu and other Debian-based systems, allowing users to easily set up and control the flow of network traffic on their machines. For more details, refer to the official Ubuntu wiki page.

Enable ufw

Code:

ufw enable

Motivation: Enabling the firewall is one of the fundamental steps for securing a server or desktop environment. This ensures that the firewall is active and starts filtering traffic according to the rules set by the user. When enabled, ufw will operate according to its default settings unless customized rules are added.

Explanation:

  • ufw: Invokes the Uncomplicated Firewall command.
  • enable: This argument turns on the firewall so that all configured rules immediately start filtering traffic.

Example Output:

Firewall is active and enabled on system startup

Disable ufw

Code:

ufw disable

Motivation: There may be scenarios where one needs to temporarily disable the firewall to troubleshoot network issues or to test application deployment without the interference of existing firewall rules. It’s important to remember to re-enable the firewall after testing is complete.

Explanation:

  • ufw: Invokes the Uncomplicated Firewall command.
  • disable: This argument deactivates the firewall and stops filtering traffic according to the defined rules.

Example Output:

Firewall stopped and disabled on system startup

Show ufw rules, along with their numbers

Code:

ufw status numbered

Motivation: Displaying the current firewall rules along with their numbering can be useful for monitoring which rules are active, diagnosing issues with network traffic, or identifying which rule needs to be modified or deleted.

Explanation:

  • ufw: Invokes the Uncomplicated Firewall command.
  • status: Displays the current status of the firewall.
  • numbered: Adds numbers to each rule in the output, making it easier to reference or remove specific rules.

Example Output:

Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 5432                       ALLOW       Anywhere
[ 2] 22/tcp                     ALLOW       192.168.0.4
[ 3] 80                         DENY        Anywhere

Allow incoming traffic on port 5432 on this host with a comment identifying the service

Code:

ufw allow 5432 comment "Service"

Motivation: Certain applications and services require specific ports to be open for them to function properly. By using a comment, users can easily identify why a rule has been created, which facilitates both current understanding and future maintenance.

Explanation:

  • ufw: Invokes the Uncomplicated Firewall command.
  • allow: This argument is used to permit traffic through the specified port.
  • 5432: Represents the port number. In many cases, port 5432 is used for PostgreSQL database connections.
  • comment "Service": Allows the addition of a comment or annotation to describe the purpose of the rule.

Example Output:

Rule added
Rule added (v6)

Allow only TCP traffic from 192.168.0.4 to any address on this host, on port 22

Code:

ufw allow proto tcp from 192.168.0.4 to any port 22

Motivation: Limiting SSH access (typically on port 22) to specific trusted IP addresses adds an additional layer of security by minimizing the attack surface and reducing the likelihood of unauthorized access attempts.

Explanation:

  • ufw: Invokes the Uncomplicated Firewall command.
  • allow: Permits traffic according to the specified parameters.
  • proto tcp: Specifies that only TCP traffic (commonly associated with SSH) is to be allowed.
  • from 192.168.0.4: Indicates that only traffic originating from the IP address 192.168.0.4 is permitted.
  • to any port 22: Traffic is allowed to any destination address on the host through port 22 (commonly used for SSH).

Example Output:

Rule added
Rule added (v6)

Deny traffic on port 80 on this host

Code:

ufw deny 80

Motivation: Restricting or denying traffic on port 80 can be necessary if a web server on that port is no longer needed or if access to the HTTP service is to be blocked for security reasons. This can help protect the server from HTTP-based vulnerabilities or attacks.

Explanation:

  • ufw: Invokes the Uncomplicated Firewall command.
  • deny: This argument stops traffic from passing through the specified port.
  • 80: Represents the port number used by HTTP services.

Example Output:

Rule updated
Rule updated (v6)

Deny all UDP traffic to ports in range 8412:8500

Code:

ufw deny proto udp from any to any port 8412:8500

Motivation: There are use cases where certain ranges of UDP ports need to be blocked, possibly due to past malicious activity or because these ports have no reason to be open. Denying the whole range in a single rule is simpler and less error-prone than writing one rule per port.

Explanation:

  • ufw: Invokes the Uncomplicated Firewall command.
  • deny: Prohibits traffic according to the specified criteria.
  • proto udp: Specifies denying traffic using the UDP protocol, which is generally used by applications requiring fast, connectionless communication.
  • from any: Indicates the rule applies to traffic from any source.
  • to any port 8412:8500: Defines the range of ports (8412 to 8500) to which this rule applies.

Example Output:

Rule added
Rule added (v6)
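Putting the commands from the sections above together: the following script is an added example and is not part of the original page or of ufw itself. It applies the page's rules in an order that is safe on a remote host (the SSH allow rule is added before 'ufw enable', so an administrator connected over SSH is not cut off), validates the trusted address before it is placed in a rule, uses '--force' so that 'enable' does not stop at its interactive confirmation prompt, and supports a dry run. The TRUSTED_IP and DRY_RUN variable names, the comment texts and the "admin ssh" label are this example's own choices, not ufw options.

```shell
#!/bin/sh
# Added example (not from the original page): apply the page's ufw rules in a
# safe order on a remote host. Assumptions of this example: the trusted
# administrative address is passed as the first argument, DRY_RUN=1 prints the
# commands instead of executing them.

# valid_ipv4 ADDR: succeed only for a dotted quad with every octet in 0..255,
# so that an untrusted or mistyped value never ends up inside a firewall rule.
valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF == 4 {
            for (i = 1; i <= 4; i++)
                if ($i !~ /^[0-9]+$/ || $i > 255) exit 1
            exit 0
        }
        { exit 1 }'
}

# ufw_plan TRUSTED_IP [SSH_PORT]: print the ufw commands in the order they
# must run. The administrator's SSH rule comes first and "enable" comes last.
ufw_plan() {
    trusted="$1"
    sshport="${2:-22}"
    valid_ipv4 "$trusted" || { echo "invalid trusted address: $trusted" >&2; return 1; }

    # 1. Admit the administrator before the firewall starts filtering.
    printf 'ufw allow proto tcp from %s to any port %s comment "admin ssh"\n' "$trusted" "$sshport"
    # 2. Service rules taken from the page.
    printf 'ufw allow 5432 comment "PostgreSQL"\n'
    printf 'ufw deny 80\n'
    printf 'ufw deny proto udp from any to any port 8412:8500\n'
    # 3. Enable last; --force skips the "may disrupt existing ssh connections" prompt.
    printf 'ufw --force enable\n'
}

# apply_plan TRUSTED_IP [SSH_PORT]: execute the plan, or only print it when DRY_RUN=1.
apply_plan() {
    ufw_plan "$@" | while IFS= read -r cmd; do
        if [ "${DRY_RUN:-0}" = 1 ]; then
            echo "[dry-run] $cmd"
        else
            # Every command here was generated above from a validated address,
            # never taken verbatim from user input.
            eval "$cmd"
        fi
    done
}

# Stand-alone run: show the plan for the address used on the page.
DRY_RUN=1 apply_plan 192.168.0.4 22
```

Run it once with DRY_RUN=1 to review the sequence, then without it as root on the target host. The dry-run output is the exact command list that will be executed, which makes it easy to check in a change record.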

Delete a particular rule

Code:

ufw delete rule_number

Motivation: Maintaining a clean and efficient firewall rule set is vital for optimal performance and management. Deleting unnecessary or outdated rules helps prevent potential security risks and ensures that traffic control aligns with current network demands.

Explanation:

  • ufw: Invokes the Uncomplicated Firewall command.
  • delete: Used to remove an existing rule.
  • rule_number: The numerical index of the rule to be deleted (as displayed in ufw status numbered output).

Example Output for deleting rule number 3:

Rule deleted
Rule deleted (v6)
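The "Show ufw rules, along with their numbers" and "Delete a particular rule" sections fit together: the number passed to 'ufw delete' has to be read from 'ufw status numbered', and because ufw renumbers the remaining rules after every deletion, several rules must be deleted highest number first. The following script is an added example, not code from the original page or from ufw; it parses a constructed copy of the status output shown on the page (extended with the IPv6 twins that ufw normally lists as well) and emits the delete commands in the right order. The function names and the SAMPLE_STATUS variable are this example's own.

```shell
#!/bin/sh
# Added example (not from the original page): select rule numbers from
# "ufw status numbered" output and produce "ufw delete N" commands,
# highest number first, so earlier deletions do not shift the numbers of
# the rules still to be deleted. Assumption: the output layout is the one
# shown on the page, "[ N] To  Action  From" with columns separated by
# runs of spaces.

# Constructed sample of "ufw status numbered" output (not captured from a host).
SAMPLE_STATUS='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 5432                       ALLOW       Anywhere
[ 2] 22/tcp                     ALLOW       192.168.0.4
[ 3] 80                         DENY        Anywhere
[ 4] 5432 (v6)                  ALLOW       Anywhere (v6)
[ 5] 80 (v6)                    DENY        Anywhere (v6)'

# rule_numbers STATUS_TEXT ACTION FROM
# Print the numbers of the rules whose Action and From columns equal the
# given values (an empty value matches anything), highest number first.
rule_numbers() {
    printf '%s\n' "$1" | awk -v action="$2" -v from="$3" '
        /^\[ *[0-9]+\] / {
            num = $0
            sub(/^\[ */, "", num)
            sub(/\].*$/, "", num)
            line = $0
            sub(/^\[ *[0-9]+\] +/, "", line)
            # Column values contain single spaces only ("5432 (v6)");
            # ufw separates the columns themselves with two or more spaces.
            split(line, col, "  +")
            act = col[2]
            src = col[3]
            if ((action == "" || act == action) && (from == "" || src == from))
                print num
        }' | sort -rn
}

# delete_commands STATUS_TEXT ACTION FROM
# Emit one "ufw --force delete N" per matching rule, in safe deletion order.
# --force skips the per-rule confirmation prompt so the output can be piped to sh.
delete_commands() {
    rule_numbers "$1" "$2" "$3" | while IFS= read -r n; do
        printf 'ufw --force delete %s\n' "$n"
    done
}

# Stand-alone run: plan the removal of every DENY rule in the sample.
# On a real host replace the sample with: status="$(ufw status numbered)"
delete_commands "$SAMPLE_STATUS" DENY ''
```

Review the emitted commands before executing them; piping the plan into sh as root applies it. Matching on the Action and From columns rather than on the rule number keeps the script valid after other rules have been added or removed.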

Conclusion:

The ufw command provides a simplified interface to enhance the management of firewall rules on Linux systems. By offering straightforward commands, ufw empowers users to secure their networks, tailor their configurations to specific needs, and maintain control over traffic flow more efficiently. Whether it’s enabling the firewall, configuring specific rules, or cleaning up outdated entries, ufw offers essential functionality for system administrators and users aiming to strengthen their network defenses.
