Firewall utility is used to secure your network traffic. It filters the incoming and outgoing requests by set of security rules. This guide will help you to setup a Firewall using UFW on Ubuntu 22.04.
UFW, or Uncomplicated Firewall is included with Ubuntu 22.04 system. It’s very simple interface for managing iptables firewall rules. UFW may be the right choice, if you don’t have more knowledge about firewall rules.
Prerequisites
Make sure you have logged in as non-root user with sudo privileges.
Installing UFW
At first, you have to update the package index list and then install ufw package:
sudo apt update
sudo apt install ufw
UFW won’t start immediately and getting lock out like other services.
To check the status of UFW, issue below given command:
sudo ufw status verbose
Output should show like below:
Status: inactive
Set Up Default Policies
Initially, UFW is set to deny all incoming connections and allow all outgoing connections. It means anyone trying to reach your server would not be able to connect, while any application within the server would be able to reach the outside world.
The default polices are defined in the /etc/default/ufw file and you can change using below command:
Syntax,
sudo ufw default <policy> <chain>
Allow SSH Connections
Once the UFW firewall enabled, it would deny all incoming connections. Make sure that before enabling the UFW firewall, you need to allow incoming SSH connections. Otherwise you will not be able to connect to your server remotely.
To accept SSH connections configure your UFW firewall using following command:
sudo ufw allow ssh
Rules updated Rules updated (v6)
If your SSH server is configured on a port different port than the default port 22, you will need to open that port.
For instance, your ssh server listening on port 6541, you should run:
sudo ufw allow 6541/tcp
Enabling UFW
At this stage, your firewall is configured to allow incoming SSH connections, you can enable it.
sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y Firewall is active and enabled on system startup
It will prompt you a warning that command may disrupt existing SSH connections. We already set up a firewall rule that allows SSH connections, so it should be fine to continue. Type y and hit Enter key.
Allowing Ports
You may allow other port depending your other installed application on your server. Below are some of examples which are commonly used.
Open port 80 – HTTP
To allow HTTP connections to server run:
sudo ufw allow http
You can use port 80 instead of http profile, type:
sudo ufw allow 80/tcp
Open port 443 – HTTPS
Allow HTTPS connections by typing:
sudo ufw allow https
Port 443 is for https profile, you can use use it by:
sudo ufw allow 443/tcp
Port Ranges
You can allow port range with UFW. For example, some of applications are using multiple points instead of single port. To allow ports from 5000 to 5300, use below command:
sudo ufw allow 5000:5300/tcp
sudo ufw allow 5000:5300/udp
Make sure for port range, you should allow for both tcp and udp.
Specific IP Addresses
In UFW you can allow access from a specific ip address. Use ufw allow from command followed by the IP address:
sudo ufw allow from 102.51.44.22
Allowing Specific IP Addresses and Port
To allow access on a specific port, for instance, allow port 22 from your system with IP address of 102.51.44.22 use the following command:
sudo ufw allow from 102.51.44.22 to any port 22
Subnets
You also can allow connection from a subnet mask of IP addresses. For example, if you want to allow access for IP addresses ranging from 102.51.44.22 to 102.51.44.66 to port 3306 (MySql) you can use this command:
sudo ufw allow from 102.51.44.0/24 to any port 3306
Specific Network Interface
If you want to create a firewall rule that only applies to a specific network interface, you can do so by specifying allow in on, followed by the name of the network interface.
sudo ufw allow in on eth1 to any port 3306
Deny Connections
The default policy for all incoming connections is set to deny. It means UFW will block all incoming connections unless you allow the connection for specific port.
Sometimes, it required to block requests from a specific ip address or subnet, due to malicious attacked to your server. For example, your server is being attacked from 33.44.55.0/24 network. Deny all connections from 33.44.55.0/24, use the following command:
sudo ufw deny from 33.44.55.0/24
For deny from a specific IP address, type:
sudo ufw deny from 33.44.55.66
Deleting Rules
You can delete rules by rule number or by specifying the actual rule.
To delete rule by number, first you should find the number for which you want to delete. To do that run following command:
sudo ufw status numbered
Status: active
To Action From
-- ------ ----
[ 1] 22 ALLOW IN 44.33.22.0/24
[ 2] 80 ALLOW IN Anywhere
Use the below command to delete rule number 1:
sudo ufw delete 1
Second method is delete by actual rule. For example, if you want to remove the allow http rule, you could write it like this:
sudo ufw delete allow http
Disable & Reset UFW
If don’t want to active the UFW, you can make disable it by:
sudo ufw disable
Again to re-enable UFW and activate all rules just type:
sudo ufw enable
By resetting UFW, it will disable UFW and delete all active rules. It will be helpful when you want to revert all of your changes and start as a fresh.
To reset UFW simply type in the following command:
sudo ufw reset
Conclusion
In this tutorial we explained how to setup and configure UFW firewall on your Ubuntu 22.04 system. It’s recommend that only allow ports which your server needs and deny all other for server security. Visit the UFW man page for more information.
Feel free to leave a comment below.
If our content helps you, please consider buying us a coffee
Thank you for your support.
Leave a Reply