18 C
Texas

Hardening Ubuntu Security with UFW Firewall

Firewall security is the key to manage all critical services. So many seasoned and decent securities are there. But, there is always room for improvisation and simplification of Firewall systems for Linux. A very classic and well-known example is IPTABLES, of course. IPtables took lots of experience and seasoning to be perfect with. Essentially Ubuntu Kernal system provides Netfilter as a packet filtering system. IPtables is the traditional interface to manipulate Netfilter in form of commands. The UFW act as a frontend for IPTables. Users, having trouble with IPTables can manage their securities easily with this feature.

Prerequisites and installation.

I would be using Ubuntu as demo OS here, Most of the Linux OS comes with that features by default.

Check status of firewall.

$ ufw status
- Advertisement -

Enable firewall.

$ ufw enable

Reload firewall. SSH may stope when you enable firewall. If you are working in virtual environment, connection may lost.

Allow and deny rules.

Allow ssh port

$ sudo ufw allow 22

Rule applied, check status.

Like port number, we can allow to open for a particular IP address.

$ sudo ufw allow from 192.168.42.142 && sudo ufw status.

What if you wants to allow a particular port for specific IP Addr.

$ sudo sfw allow from 192.168.100.100 to any port 22

Status check.

Deny a particular port for a specific IP addr.

$ sudo ufw deny from 192.168.100.100 to any port 80

Now, delete created rule, there are two methods and first option with rule number.

 $ sudo ufw status numbered

Here, I want to delete rule number 5.

$ sudo ufw delete 5

Let’s use another way to delete any rule.

$ sudo ufw delete deny from 192.168.100.100 to any port 22

Lets reset all firewall rules to default.

$ sudo ufw reset

You can manage incoming and outgoing rules as well, have a look.

GUI Tool for UFW

Install GUI application for the firewall.

$ sudo apt-get install gufw

With basic understanding of security, a moderate user can manage items as well.

Conclusion

UFW can be used by that user, which is having not so deep knowledge of IPTables. but still wants to manage securities of their server and services. With very quick deployment ports or IP addresses, level restrictions can be managed to have a similar impact as it was supposed to be with IPTables.

- Advertisement -
Everything Linux, A.I, IT News, DataOps, Open Source and more delivered right to you.
Subscribe
"The best Linux newsletter on the web"

LEAVE A REPLY

Please enter your comment!
Please enter your name here



Latest article