Linux Tactic

Complete Guide to Installing and Configuring UFW Firewall on Ubuntu 1804

Installing and Configuring UFW Firewall on Ubuntu 18.04

The internet is a powerful tool that has transformed our lives. It is easier than ever to connect with loved ones, conduct business transactions, and obtain information.

However, the internet is also a dangerous place where malicious actors can cause harm to individuals and businesses. A properly configured firewall is essential for protecting your system from these threats, and one option for firewall configuration is UFW.

UFW, which stands for Uncomplicated Firewall, is a user-friendly front-end for iptables firewall rules. It is pre-installed on Ubuntu 18.04 and is an excellent tool for configuring your firewall quickly and easily.

In this article, we will walk you through the process of installing and configuring UFW on Ubuntu 18.04.

Prerequisites for the Tutorial

Before we dive into the installation process, there are a few prerequisites we need to cover. Firstly, you must have access to a terminal with sudo privileges.

If you are logged in as the root user, you can skip this step. Additionally, make sure that your system is up-to-date and has all the necessary packages installed.

Installing UFW on Ubuntu 18.04

Once the prerequisites are in place, we can start the installation process. Run the following command in the terminal:

sudo apt-get install ufw

This command will install the UFW package onto your system. You might be prompted to add the required iptables rules.

Select ‘yes’ to keep the process running.

Checking UFW Status

To check the status of UFW on your system, run the following command in the terminal:

sudo ufw status

You should see the status as inactive. This means that the firewall is not enabled on your system by default.

In the following sections, we will walk you through the process of configuring the UFW firewall.

Default Policies for UFW

Before we start configuring the firewall, we need to understand the default policies. The default policy is the behavior of a firewall when it encounters traffic that is not explicitly allowed or denied by a rule.

By default, UFW has a deny-all policy, which means that if it doesn’t explicitly allow the traffic, it will reject it. You can view and modify the default policies from the /etc/default/ufw file.

To view the file, run the following command in the terminal:

sudo nano /etc/default/ufw

Application Profiles for UFW

Application profiles define sets of rules to allow or deny traffic for specific applications. These profiles are stored in the /etc/ufw/applications.d directory and can be modified using any text editor.

If you’re using an application that’s not included in the default profiles, you can create a custom profile for it.

Allowing SSH Connections on UFW

By default, UFW blocks all incoming traffic to your system, including SSH connections. To allow SSH traffic, you can run the following command in the terminal:

sudo ufw allow ssh

This rule will allow all incoming SSH traffic from any location. However, if necessary, you can also specify a remote location by running a similar command with an additional parameter:

sudo ufw allow from to any port 22

Enabling UFW Firewall

After setting up the necessary rules, the next step is to enable the UFW firewall by running the following command:

sudo ufw enable

This command will prompt you to disable SSH connections if you have not allowed them explicitly. Press ‘y’ if you’re sure you have allowed SSH connections, and the firewall will enable.

Allowing Connections on Other Ports with UFW

In addition to allowing SSH, you may need to allow other ports for certain applications to work. To allow traffic on a specific port, use the following command:

sudo ufw allow

For instance, if you needed to enable HTTP traffic on port 80, you could use the following command:

sudo ufw allow 80/tcp

Allowing Port Ranges with UFW

To allow traffic on a range of ports, you can use the following command:

sudo ufw allow :

For example, to allow traffic on ports 1500 2000, run this command:

sudo ufw allow 1500:2000/tcp

Allowing Specific IP Addresses with UFW

If you want to allow specific IP addresses, you can add them to your whitelist using the following command:

sudo ufw allow from to any

This rule will allow traffic from the specified IP address to any port on your system.

Allowing Subnets with UFW

To allow a subnet of IP addresses, you can use the following command:

sudo ufw allow from to any

This command specifies that any traffic originating from the specified IP subnet is allowed to communicate with any port on your system.

Allowing Connections to Specific Network Interface

To allow traffic on a specific network interface, use the following command:

sudo ufw allow in on to any port

This command permits traffic coming from the specified network interface to a specific port on your system.

Denying Connections with UFW

You can set the default policy to deny all traffic by running the command:

sudo ufw default deny incoming

Any traffic that does not match any of the rules you created will be blocked.

Deleting UFW Rules

You may need to delete or remove a rule if you no longer need it. To delete a rule, you can use the delete command with the rule number or specification as follows:

sudo ufw delete

sudo ufw delete allow

Disabling and Resetting UFW

If you need to disable UFW temporarily, you can run the following command:

sudo ufw disable

To reset any firewall rules made on your system, use the following command:

sudo ufw reset

Importance of Properly Configured Firewall for System Security

The importance of having a properly configured firewall cannot be overstated. A firewall protects your system and network from unauthorized access and malicious traffic.

It acts as a barrier between your computer and the internet, preventing unauthorized access to your system. Ubuntu 18.04 comes pre-installed with UFW, a user-friendly tool for managing iptables firewall rules.

UFW makes it easy and intuitive to configure your firewall, providing a command-line interface for creating, modifying, and deleting firewall rules. Using UFW provides several advantages, including a user-friendly interface for managing your firewall rules effectively.

You can configure UFW rules to allow only specific traffic types and block all other traffic by default. In conclusion, configuring and enabling UFW is an essential step in securing your system against potential threats.

By following these simple steps, you can easily configure your firewall and have peace of mind knowing that your system is secure. Prerequisites for Installing and Configuring UFW Firewall on Ubuntu 18.04

Installing and configuring a firewall is a crucial step in protecting your system from potential security threats.

One such firewall tool is UFW, a user-friendly front-end for iptables firewall rules available on Ubuntu 18.04. However, before we dive into the installation process, we need to cover the prerequisites, which include understanding sudo privileges, the difference between sudo and root users, and creating a sudo user.

Importance of Sudo Privileges for Administrative Commands

Administrative commands require elevated privileges, and it is important to use these privileges with caution. The sudo (superuser do) command allows authorized users to execute administrative tasks with elevated privileges.

Using sudo privileges ensures that users have temporary administrative permissions rather than having persistent superuser permissions, which pose a security risk. The sudo command is used to execute administrative commands in a terminal.

Consider the following sample command:

sudo apt-get update

This command updates the list of applications available in the Ubuntu repositories. The ‘sudo’ keyword, when used along with a command, prompts for the user’s password and verifies whether the user has proper authorization.

If the validation is successful, the command will run with elevated privileges.

Difference Between Sudo User and Root User

The root user is a built-in administrative account created at installation, and it has full control over the system. Root access is not recommended for daily use because of the security risk associated with it.

Instead, it is recommended to use sudo privileges to temporarily elevate your permissions. A sudo user is created out of an existing non-root user.

This user is granted administrative access by adding them to the ‘sudo’ group. Users in the ‘sudo’ group can use the sudo command to execute administrative commands.

Creating a Sudo User on Ubuntu System

When setting up a new Ubuntu system, it is often recommended to create a new user account with sudo permissions instead of using the root account. This ensures that the root account is not abused and also offers an additional layer of security.

Below are the steps to create a sudo user on Ubuntu:

1. Open a terminal by pressing the ‘Ctrl + Alt + T’ keys on your keyboard.

2. Run the following command to add a new user:

sudo adduser

Replace ‘‘ with the desired username of the new user.

3. Set a password for the new user when prompted.

4. Run the following command to add the new user to the sudo group:

sudo usermod -aG sudo

Replace ‘‘ with the name of the new user you have created.

5. Check that the user has been created successfully with sudo privileges by running the following command:

sudo su –

If the command works without errors, then the user is successfully created with sudo privileges.

Installing UFW Firewall on Ubuntu 18.04

With the prerequisites covered, we can now move on to the installation process for UFW on Ubuntu 18.04. Default Installation of UFW in Ubuntu 18.04

Ubuntu 18.04 comes pre-installed with the UFW package.

However, the default status of the firewall is inactive, meaning that incoming connections are not blocked by default. You must activate the firewall and configure it to protect your system.

If you want to check whether UFW is installed on your system, run the following command:

sudo ufw status

If UFW is active on your system, the status output should indicate that it is currently blocking all incoming connections.

Installing UFW with the UFW Package

If UFW is not installed on your system, you can easily install it with the following command:

sudo apt-get install ufw

This command will install the UFW package along with any necessary dependencies required for it to function. Once the installation is complete, you can check the status of UFW on your system using the ‘

sudo ufw status’ command. Are you planning to configure your firewall with UFW on Ubuntu 18.04?

This article has provided you with the prerequisites, including understanding sudo privileges and creating sudo users, as well as instructions on how to install UFW on your Ubuntu system. Take your time to configure your firewall to secure your system and protect it from malicious actors.

Checking Status of UFW Firewall on Ubuntu 18.04

Once you have installed UFW (Uncomplicated Firewall) on your Ubuntu 18.04 system, it is important to be able to check the status of the firewall. This will allow you to verify whether UFW is functioning correctly and whether it is actively blocking incoming connections.

In this section, we will cover the command for checking UFW status, as well as the output for both inactive and active UFW status. Command for

Checking UFW Status

To check the status of UFW on your Ubuntu system, you can use the following command:

sudo ufw status

When you run this command, it will provide you with detailed information about the current status of UFW.

Output for Inactive and Active UFW Status

When you run the ‘

sudo ufw status’ command, you will receive different outputs depending on whether UFW is active or inactive. If UFW is inactive, the output will resemble the following:

Status: inactive

This means that UFW is not currently active on your system.

In this state, the firewall is not blocking any incoming connections, and all traffic is allowed by default. If you want to enable UFW and start blocking unwanted traffic, you can use the ‘

sudo ufw enable’ command. On the other hand, if UFW is active, the output will provide you with detailed information about the current status of UFW, including the default policies, enabled rules, and any custom rules you may have set.

Default Policies and

Application Profiles for UFW Firewall on Ubuntu 18.04

When configuring UFW on Ubuntu 18.04, it is essential to understand the default policies and application profiles. Default policies define the behavior of the firewall when it encounters traffic that is not explicitly allowed or denied by a rule.

Application profiles, on the other hand, are sets of rules that allow or deny traffic for specific applications.

Default Policies for UFW Firewall and Changing Default Policies

UFW has three default policies for incoming, outgoing, and routed traffic:

1. Incoming traffic: The default policy for incoming traffic is to deny it.

This means that if UFW does not explicitly allow the traffic, it will block it. It is generally recommended to leave the default policy for incoming traffic as ‘deny’ to reduce the attack surface.

2. Outgoing traffic: The default policy for outgoing traffic is to allow it.

This means that all outgoing connections from your system are allowed by default. However, it is important to note that UFW does not monitor or control outgoing traffic.

Therefore, if you want to restrict specific outgoing connections, you will need to create explicit rules. 3.

Routed traffic: The default policy for routed traffic is to deny it, similar to the incoming traffic policy. Routed traffic refers to traffic passing through your system but not directly destined for it.

This policy is crucial for preventing your system from being used as a gateway for unauthorized traffic. While it is generally recommended to keep the default policies as they are, you can change them if necessary.

To change a default policy, you can use the following commands:

– To change the default policy for incoming traffic:

sudo ufw default deny incoming

sudo ufw default allow incoming

– To change the default policy for outgoing traffic:

sudo ufw default deny outgoing

sudo ufw default allow outgoing

Application Profiles for UFW and Finding Profile Information

UFW comes with several pre-configured application profiles that allow or deny traffic for specific applications. These profiles are located in the /etc/ufw/applications.d directory.

Each profile is a text file that specifies the rules for the corresponding application. To find information about available application profiles, you can use the following command:

sudo ufw app list

This command will display a list of available application profiles and their corresponding descriptions. You can use this information to determine which application profiles you want to enable or modify.

To enable a specific application profile, you can use the following command:

sudo ufw allow

Replace ‘‘ with the name of the application profile you want to enable. It is important to note that application profiles are specific to the installed applications on your system.

If you have additional software that is not included in the default profiles, you may need to create a custom profile to allow or deny traffic for that particular application. By understanding the default policies and application profiles for UFW on Ubuntu 18.04, you can effectively configure your firewall to align with your security requirements and protect your system from unauthorized access and potential threats.

Allowing Connections on Specific Ports with UFW Firewall on Ubuntu 18.04

Configuring your firewall to allow connections on specific ports is an important aspect of securing your system. UFW (Uncomplicated Firewall) provides a straightforward way to manage firewall rules, including allowing connections on specific ports.

In this section, we will cover how to allow SSH connections, enabling the UFW firewall after allowing SSH connections, allowing connections on other common ports, and allowing port ranges with the UFW firewall.

Allowing SSH Connections with UFW Firewall

SSH (Secure Shell) is a widely used protocol for securely accessing remote systems. By default, UFW blocks all incoming traffic to your system, including SSH connections.

To allow SSH traffic through the UFW firewall, you can use the following command:

sudo ufw allow ssh

This command will create a rule that allows incoming SSH connections from any location. It is important to note that enabling SSH connections on a firewall exposes your system to potential security risks.

Make sure to follow best practices, such as using strong passwords or key-based authentication, to secure your SSH connections.

Enabling UFW Firewall after Allowing SSH Connections

After allowing SSH connections, you can enable the UFW firewall to start blocking unwanted traffic. To enable the UFW firewall, use the following command:

sudo ufw enable

Enabling the firewall may disrupt your SSH connection temporarily, so ensure that you have alternative means to access your system, such as physical access or an active console session. Once enabled, the UFW firewall will actively monitor and filter incoming and outgoing connections based on your specified rules.

Allowing Connections on Other Common Ports with UFW Firewall

In addition to allowing SSH connections, you may need to allow connections on other common ports to ensure that specific applications or services can function properly. To allow traffic on a specific port, you can use the following command:

sudo ufw allow

For example, if you want to allow HTTP traffic on port 80, run this command:

sudo ufw allow 80

Similarly, you can allow other common ports such as FTP (port 21), SMTP (port 25), or HTTPS (port 443) using the appropriate port numbers.

Allowing Port Ranges with UFW Firewall

In certain cases, you may need to allow traffic on a range of ports rather than a single port. To allow a range of ports with UFW, use the following command:

sudo ufw allow :

For example, to allow traffic on ports 8000 to 9000, you can use the following command:

sudo ufw allow 8000:9000

This rule will enable communication on all ports within the specified range, using the default protocol of TCP.

Allowing Specific IP Addresses with UFW Firewall on Ubuntu 18.04

In some scenarios, you may want to restrict access to specific IP addresses to enhance security. UFW firewall provides a simple way to allow connections from specific IP addresses.

To allow access to a specific IP address, use the following command:

sudo ufw allow from to any

Replace ‘‘ with the actual IP address you want to allow. This rule will permit traffic originating from the specified IP address to any port on your system.

Allowing Access to Specific IP Addresses on Specific Ports

To allow access to a specific IP address on a specific port, specify the port number along with the IP address in the above command. For instance, to allow access from IP address 192.168.1.100 to port 22 (SSH), run this command:

sudo ufw allow from 192.168.1.100 to any port 22

You can modify the command to match the desired IP address and port.

By allowing connections on specific ports and IP addresses, you can enhance the security of your system while still enabling necessary communication. UFW provides a user-friendly interface to manage these rules effectively, protecting your system from unauthorized access and potential threats.

Denying Connections and

Deleting UFW Rules on Ubuntu 18.04

In addition to allowing specific connections, it is equally important to have control over the connections that should be denied or restricted. UFW (Uncomplicated Firewall) on Ubuntu 18.04 provides options to deny connections and delete firewall rules.

In this section, we will cover how to deny connections using UFW firewall and how to delete UFW rules either by rule number or by specifying the actual rule.

Denying Connections with UFW Firewall

There may be instances where you want to explicitly deny certain connections to ensure the security and integrity of your system. UFW firewall allows you to deny incoming and outgoing connections based on specific rules.

To deny connections using UFW, you can use the following command:

sudo ufw deny

Replace ‘‘ with the port number on which you want to deny incoming or outgoing connections. For example, to deny incoming connections on port 8080, you would use the following command:

sudo ufw deny 8080

This rule will prevent any incoming connection attempts on port 8080. Alternatively, you can deny connections to specific IP addresses by using the following command:

sudo ufw deny from

Replace ‘‘ with the actual IP address you want to deny connections from.

For instance, to deny connections from the IP address 192.168.1.100, you would use the command:

sudo ufw deny from 192.168.1.100

By denying connections, you can exert greater control over the traffic allowed to and from your system, further enhancing its security.

Deleting UFW Rules by Rule Number or Specifying the Actual Rule

As your firewall rules evolve, you may find the need to delete existing rules that are no longer necessary or relevant. UFW provides the flexibility to delete rules either by their rule numbers or by specifying the actual rule.

This allows you to selectively remove individual rules without affecting the rest of your firewall configuration. To delete a rule by its rule number, you can use the following command:

sudo ufw delete

Replace ‘‘ with the actual rule number you want to delete.

The rule number can be obtained by running the ‘

sudo ufw status numbered’ command, which lists the active rules along with their corresponding numbers. For example, if you want to delete rule number 3, you would use the following command:

sudo ufw delete 3

This command will delete the specified rule from your firewall configuration. If you prefer to delete a rule by specifying the actual rule itself, you can use the following syntax:

sudo ufw delete

Replace ‘‘ with the actual rule you want to delete.

For example, to delete a rule that allows connections from a specific IP address, you would use a command like this:

sudo ufw delete allow from 192.168.1.100

This command will remove the specified rule from the firewall configuration. It is important to verify the rule you are deleting to ensure that you are targeting the correct rule.

Care must be taken while deleting rules to avoid disrupting valid connections or leaving your system vulnerable. By utilizing the ability to deny connections and delete UFW rules, you can have greater control over your firewall configuration.

This allows you to fine-tune your system’s security and ensure that only the necessary connections are permitted. Regularly reviewing and managing your firewall rules is crucial to maintain an optimal and secure network environment.

In conclusion, installing and configuring the UFW firewall on Ubuntu 18.04 is an essential step in securing your system and protecting it from potential security threats. By understanding the prerequisites, such as the importance of sudo privileges and creating a sudo user, you can ensure proper administrative control.

The installation of UFW is straightforward, and checking its status confirms whether the firewall is active or inactive. Default policies and application profiles play a crucial role in defining the behavior of the firewall, and they can be modified to align with your security requirements.

Allowing connections on specific ports and IP addresses, as well as denying connections when necessary, grants you greater control over network traffic. Finally, deleting UFW rules allows for continuous refinement of your firewall configuration.

Secure your system, control access, and enhance your network’s overall security with UFW firewall on Ubuntu 18.04.

Popular Posts