How to use the command ufw (with examples)
- Linux
- December 25, 2023
Uncomplicated Firewall (ufw) is a frontend for iptables that aims to make configuring a firewall easier. It provides a simpler syntax and makes managing firewall rules more intuitive.
Use case 1: Enable ufw
Code:
ufw enable
Motivation: This command is used to enable the ufw firewall on the system. Enabling ufw ensures that the firewall is actively filtering network traffic.
Explanation: The enable command starts the ufw firewall. Once enabled, ufw filters incoming and outgoing network traffic according to the defined rules and its default policies.
Example output:
Firewall is active and enabled on system startup
Use case 2: Disable ufw
Code:
ufw disable
Motivation: Sometimes, there may be a need to disable the firewall temporarily, such as when troubleshooting network connectivity issues.
Explanation: The disable command stops the ufw firewall. While ufw is disabled, all network traffic passes through unrestricted.
Example output:
Firewall stopped and disabled on system startup
Use case 3: Show ufw rules, along with their numbers
Code:
ufw status numbered
Motivation: This command is useful to view the currently active firewall rules and their corresponding numbers. The numbers are required for modifying or deleting specific rules.
Explanation: The status command shows the status of the ufw firewall and any configured rules. The numbered option includes the rule numbers in the output, making it easier to reference them.
Example output:
Status: active

     To                 Action    From
     --                 ------    ----
[1]  22/tcp             ALLOW     Anywhere
[2]  80/tcp             DENY      Anywhere
[3]  Anywhere           DENY      192.168.0.4
[4]  8412:8500/udp      DENY      Anywhere
Use case 4: Allow incoming traffic on port 5432 on this host with a comment identifying the service
Code:
ufw allow 5432 comment "Service"
Motivation: This command is used to allow incoming network traffic on a specific port. Adding a comment helps to identify the purpose of the allowed service.
Explanation: The allow command creates a rule that allows incoming traffic. In this example, port 5432 is specified, and the comment option attaches a descriptive comment for easy reference. Because no protocol is given, the rule covers both TCP and UDP on port 5432; append /tcp or /udp to the port to limit it to one protocol.
Example output:
Rule added
Use case 5: Allow only TCP traffic from 192.168.0.4 to any address on this host, on port 22
Code:
ufw allow proto tcp from 192.168.0.4 to any port 22
Motivation: This command is useful when restricting incoming traffic to a specific IP address and port. It can help enhance the security of an SSH server by allowing access only from a trusted IP. Note that this rule only permits the listed source: SSH is restricted to that address only if ufw's default incoming policy is deny (the default) and no earlier or broader rule also allows port 22, since rules are evaluated in order and the first match wins.
Explanation: The allow command is used with the proto option to specify TCP as the protocol. The from option specifies the source IP address as 192.168.0.4, and the to option is set to any, meaning any address on this host. The port option specifies port 22 for the SSH service.
Example output:
Rule added
Use case 6: Deny traffic on port 80 on this host
Code:
ufw deny 80
Motivation: This command is used to block incoming network traffic on a specific port. Denying traffic on well-known ports, such as port 80 for HTTP, can help prevent unauthorized access.
Explanation: The deny command blocks incoming traffic on the specified port (TCP and UDP, since no protocol is given). In this example, port 80 is denied, which blocks external access to any HTTP service listening there; the service itself keeps running.
Example output:
Rule added
Use case 7: Deny all UDP traffic to ports in the range 8412:8500
Code:
ufw deny proto udp from any to any port 8412:8500
Motivation: This command is used to block all incoming UDP traffic to a range of ports. Blocking a UDP range that no service on the host needs removes it from the host's exposed surface and helps prevent unauthorized access.
Explanation: The deny command is used with the proto option set to UDP. The from and to options are set to any, indicating all IP addresses. The port option is set to the range 8412:8500 to block UDP traffic to ports within this range. ufw requires a protocol whenever a port range is given.
Example output:
Rule added
Use case 8: Delete a particular rule
Code:
ufw delete rule_number
Motivation: This command is used to delete a specific firewall rule that is no longer required. Deleting unnecessary rules helps keep the firewall configuration clean and manageable.
Explanation: The delete command removes the specified rule, identified by its rule number. The rule number can be obtained from the ufw status numbered command, and ufw asks for confirmation before deleting. After a rule is deleted the remaining rules are renumbered, so re-run ufw status numbered before deleting another rule, or delete the highest-numbered rules first.
Example output:
Rule deleted
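The renumbering caveat above is easy to get wrong by hand when several rules must go. The following script is an added example (not part of the original article): it parses ufw status numbered output, selects rules by a pattern, and prints the delete commands highest number first so each one still refers to the intended rule. The sample status text is constructed from the listing in Use case 3; the ufw --force flag, which skips the confirmation prompt, is assumed to be available and the live lookup assumes ufw is on PATH and run as root.

```shell
#!/bin/sh
# Added example: plan `ufw delete` commands from `ufw status numbered` output.

# Constructed sample of `ufw status numbered` output (mirrors Use case 3).
SAMPLE_STATUS='Status: active

     To                 Action    From
     --                 ------    ----
[1]  22/tcp             ALLOW     Anywhere
[2]  80/tcp             DENY      Anywhere
[3]  Anywhere           DENY      192.168.0.4
[4]  8412:8500/udp      DENY      Anywhere'

# rule_numbers_matching PATTERN [STATUS_TEXT]
# Prints, one per line and in descending order, the numbers of rules whose
# line matches PATTERN (an extended regex, e.g. '192\.168\.0\.4' or '/udp').
# STATUS_TEXT defaults to a live `ufw status numbered` (assumed on PATH, root).
rule_numbers_matching() {
    pattern=$1
    status=${2:-$(ufw status numbered)}
    printf '%s\n' "$status" \
      | grep -E '^\[ *[0-9]+\]' \
      | grep -E -- "$pattern" \
      | sed -E 's/^\[ *([0-9]+)\].*/\1/' \
      | sort -rn
}

# print_delete_plan PATTERN [STATUS_TEXT]
# Emits the `ufw --force delete N` commands (highest N first) that would remove
# every matching rule. Nothing is executed, so the plan can be reviewed first.
print_delete_plan() {
    rule_numbers_matching "$1" "$2" | while read -r n; do
        printf 'ufw --force delete %s\n' "$n"
    done
}

# Stand-alone run: plan removal of every DENY rule in the constructed sample.
print_delete_plan 'DENY' "$SAMPLE_STATUS"
```

Pipe the plan into sh only after reading it; run without the second argument to work against the live ruleset.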
Conclusion
The ufw command is a powerful tool for configuring and managing firewall rules on Ubuntu systems. With its intuitive syntax and range of options, it simplifies the process of firewall administration. Whether enabling, disabling, allowing, or denying network traffic, ufw provides an uncomplicated way to control and secure your system.