How to use the command ufw (with examples)

Uncomplicated Firewall (ufw) is a frontend for iptables that aims to make configuring a firewall easier. It provides a simpler syntax and makes managing firewall rules more intuitive.

Use case 1: Enable ufw

Code:

ufw enable

Motivation: This command is used to enable the ufw firewall on the system. Enabling ufw ensures that the firewall is actively filtering network traffic.

Explanation: The enable command is used to start the ufw firewall. Once enabled, ufw will start filtering incoming and outgoing network traffic according to the defined rules.

Example output:

Firewall is active and enabled on system startup

Use case 2: Disable ufw

Code:

ufw disable

Motivation: Sometimes, there may be a need to disable the firewall temporarily, such as when troubleshooting network connectivity issues.

Explanation: The disable command is used to stop the ufw firewall. Disabling ufw allows all network traffic to pass through unrestricted.

Example output:

Firewall stopped and disabled on system startup

Use case 3: Show ufw rules, along with their numbers

Code:

ufw status numbered

Motivation: This command is useful to view the currently active firewall rules and their corresponding numbers. The numbers are required for modifying or deleting specific rules.

Explanation: The status command shows the status of the ufw firewall and any configured rules. The numbered option includes the rule numbers in the output, making it easier to reference them.

Example output:

Status: active

     To                         Action      From
     --                         ------      ----
[1] 22/tcp                     ALLOW       Anywhere
[2] 80/tcp                     DENY        Anywhere
[3] Anywhere                   DENY        192.168.0.4
[4] 8412:8500/udp              DENY        Anywhere

Use case 4: Allow incoming traffic on port 5432 on this host with a comment identifying the service

Code:

ufw allow 5432 comment "Service"

Motivation: This command is used to allow incoming network traffic on a specific port. Adding a comment helps to identify the purpose of the allowed service.

Explanation: The allow command creates a rule that allows incoming traffic. In this example, port 5432 is specified, and the comment option attaches a descriptive comment to the rule for easy reference. Because no protocol is given, the rule applies to both TCP and UDP.

Example output:

Rule added

Use case 5: Allow only TCP traffic from 192.168.0.4 to any address on this host, on port 22

Code:

ufw allow proto tcp from 192.168.0.4 to any port 22

Motivation: This command is useful when restricting incoming traffic to a specific IP address and port. It can help enhance the security of an SSH server by allowing access only from a trusted IP.

Explanation: The allow command is used with the proto option to specify TCP as the protocol. The from option specifies the source IP address as 192.168.0.4, and the to option is set to allow traffic to any address. The port option specifies port 22 for the SSH service.

Example output:

Rule added

Use case 6: Deny traffic on port 80 on this host

Code:

ufw deny 80

Motivation: This command is used to block incoming network traffic on a specific port. Denying traffic on well-known ports, such as port 80 for HTTP, can help prevent unauthorized access.

Explanation: The deny command blocks incoming traffic on the specified port. In this example, port 80 is denied, which makes an HTTP service on this host unreachable from the network; the service itself keeps running.

Example output:

Rule added

Use case 7: Deny all UDP traffic to ports in the range 8412:8500

Code:

ufw deny proto udp from any to any port 8412:8500

Motivation: This command is used to block all incoming UDP traffic to a range of ports. Denying UDP traffic can help protect against potential vulnerabilities or unauthorized access.

Explanation: The deny command is used with the proto option set to UDP. The from and to options are set to any, indicating all IP addresses. The port option is set to the range 8412:8500 to block UDP traffic to ports within this range.

Example output:

Rule added

Use case 8: Delete a particular rule

Code:

ufw delete rule_number

Motivation: This command is used to delete a specific firewall rule that is no longer required. Deleting unnecessary rules helps keep the firewall configuration clean and manageable.

Explanation: The delete command removes the specified rule, identified by its rule number. The rule number can be obtained from the ufw status numbered command.

Example output:

Rule deleted
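
An added example, not part of the original article: shell functions that parse ufw status numbered output to list a port's rule numbers highest-first (deleting a rule renumbers the ones after it) and to list destinations that an ALLOW rule opens to every source, which shows when a source-restricted rule like the one in Use case 5 is not actually narrowing access. The function names and the sample (Use case 3's output plus one constructed rule) are assumptions for illustration.

```shell
#!/bin/sh
# Constructed sample: the "ufw status numbered" output from Use case 3,
# plus a fifth rule of the kind Use case 5 adds.
SAMPLE='Status: active

     To                         Action      From
     --                         ------      ----
[1] 22/tcp                     ALLOW       Anywhere
[2] 80/tcp                     DENY        Anywhere
[3] Anywhere                   DENY        192.168.0.4
[4] 8412:8500/udp              DENY        Anywhere
[5] 22/tcp                     ALLOW       192.168.0.4'

# Print "number|to|action|from" for each numbered rule read from stdin.
# Hypothetical helper; accepts both "[1]" and the padded "[ 1]" form.
parse_rules() {
    awk '/^\[ *[0-9]+\]/ {
        num = $0; sub(/^\[ */, "", num); sub(/\].*/, "", num)
        rest = $0; sub(/^\[ *[0-9]+\] */, "", rest)
        split(rest, f, /  +/)          # columns are separated by 2+ spaces
        print num "|" f[1] "|" f[2] "|" f[3]
    }'
}

# Rule numbers whose "To" column is PORT or PORT/proto, highest first.
# Deleting by number renumbers the rules after it, so delete in this order.
rules_for_port_desc() {
    parse_rules |
        awk -F'|' -v p="$1" '$2 == p || index($2, p "/") == 1 { print $1 }' |
        sort -rn | tr '\n' ' ' | sed 's/ $//'
}

# Destinations that an ALLOW rule opens to every source address.
open_to_anywhere() {
    parse_rules |
        awk -F'|' '$3 ~ /^ALLOW/ && $4 ~ /^Anywhere/ { print $2 }' |
        tr '\n' ' ' | sed 's/ $//'
}

# On a live host, replace the printf with: ufw status numbered
printf '%s\n' "$SAMPLE" | rules_for_port_desc 22   # rule numbers for port 22
echo
printf '%s\n' "$SAMPLE" | open_to_anywhere         # destinations open to any source
echo
```

In the sample, rule 1 already allows port 22 from Anywhere, so rule 5 restricts nothing until rule 1 is deleted.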

Conclusion

The ufw command is a powerful tool for configuring and managing firewall rules on Ubuntu systems. With its intuitive syntax and range of options, it simplifies the process of firewall administration. Whether enabling, disabling, allowing, or denying network traffic, ufw provides an uncomplicated way to control and secure your system.
