Ubuntu: How to set up and configure firewall (UFW)

Updated: January 28, 2024 By: Guest Contributor

Overview

Linux servers, including those running Ubuntu, often need to be secured with a firewall. Ubuntu comes with a firewall configuration tool called UFW (Uncomplicated Firewall). UFW is a user-friendly front end to the underlying iptables firewall, which makes securing your server more accessible and less error-prone.

Introduction to UFW

Before you start configuring UFW, it’s vital to understand what a firewall is. In summary, it is a network security device that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies. UFW, as the name implies, aims to make iptables easier to manage, especially for those new to Linux or those who prefer a straightforward approach to firewall management.

Prerequisites

  • Ubuntu Server or Desktop
  • Terminal access (physically or via SSH)
  • Root privileges or a user with sudo access

Installing UFW

Most Ubuntu systems have UFW installed by default. If it’s not present, installing it is straightforward:

sudo apt update
sudo apt install ufw

After installation, check if UFW is active:

sudo ufw status verbose

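If you see ‘Status: inactive’, UFW is installed but not enforcing any rules, and you need to enable it. If you are connected over SSH, allow SSH first (see Allowing SSH Connections below) so that enabling the firewall does not cut off your session.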

UFW Basic Usage

Enabling and Disabling UFW

To enable UFW, use:

sudo ufw enable

Similarly, to disable:

sudo ufw disable

Allowing and Denying Connections

To allow connections on a specific port, use:

sudo ufw allow 22

This configures UFW to allow incoming connections on port 22, the default SSH port. Because no protocol is given, the rule covers both TCP and UDP. To deny an incoming connection, you would use:

sudo ufw deny 22

Keep in mind that when you enable UFW for the first time, its default policy blocks all incoming connections and allows all outgoing connections.

Allowing SSH Connections

Before you enable the firewall, ensure you allow SSH connections to prevent being locked out:

sudo ufw allow ssh

This command allows SSH traffic on the default port, 22. You can also specify a port number if you have SSH on a non-standard port:

sudo ufw allow 2222/tcp

Advanced UFW Usage

Enabling Rate Limiting

Rate limiting can help prevent brute-force attacks. It works by limiting the number of connection attempts from a single IP within a certain time frame. For SSH, you could set up rate limiting with:

sudo ufw limit ssh

Allowing Specific IP Addresses

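If you want to allow access from a specific IP address only, you can use the rule below. It restricts access only if no broader rule for the same port (such as a plain allow on port 22) is also present, because the broader rule would still admit every other address: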

sudo ufw allow from 192.168.0.4 to any port 22

Denying Access Based on a Network Interface

You can also deny or allow access by specifying the network interface:

sudo ufw deny in on eth0 to any port 80

Logging and Checking UFW Logs

To enable logging, use:

sudo ufw logging on

To check the logs:

sudo less /var/log/ufw.log

Using UFW with IPv6

UFW can manage IPv6 rules as well as IPv4. If you wish to disable IPv6 handling in UFW, you will have to edit the UFW configuration file:

sudo nano /etc/default/ufw

Then change the ‘IPV6’ setting to ‘no’, save the file, and reload the firewall.

Keep in mind that these changes should be made carefully. Misconfiguration may lead to service interruptions or lock you out of your server.

Conclusion

In conclusion, setting up a firewall with UFW on Ubuntu is a critical step in securing your environment. With its straightforward syntax and powerful capabilities, UFW can create a robust defense for various services. Always check your rules before enabling UFW so that you do not lose remote access.
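
One way to check the rules before enabling UFW, as advised above and in the Allowing SSH Connections section. This is an added example, not part of the original article. It classifies the output of `sudo ufw show added`, which lists configured rules even while the firewall is inactive. The function name `ssh_rule_state` and the sample rule text are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article. Classifies whether the rules
# printed by `ufw show added` would keep SSH reachable after `ufw enable`.
# Prints one of:
#   open        allow/limit rule for the port from any source
#   restricted  only source-restricted allow/limit rules ("from <addr>")
#   denied      a deny/reject from any source comes first (first match wins)
#   missing     no matching rule; the default incoming deny would lock you out
ssh_rule_state() {   # usage: sudo ufw show added | ssh_rule_state PORT
    awk -v port="$1" '
        $1 != "ufw" { next }               # skip the header line and "(None)"
        $3 == "out" { next }               # outgoing rules do not affect logins
        decided     { next }               # an earlier from-any rule already decides
        {
            action = $2; hit = 0; from_any = 1
            for (i = 3; i <= NF; i++) {
                if ($i == port || $i == port "/tcp") hit = 1
                if (port == "22" && ($i == "ssh" || $i == "OpenSSH")) hit = 1
                if ($i == "from" && $(i + 1) != "any") from_any = 0
            }
            if (!hit) next
            if (action == "allow" || action == "limit") {
                if (from_any) { state = "open"; decided = 1 }
                else if (state == "") state = "restricted"
            } else if ((action == "deny" || action == "reject") && from_any) {
                if (state == "") state = "denied"
                decided = 1
            }
        }
        END { print (state == "" ? "missing" : state) }
    '
}

# Constructed sample of `ufw show added` output, mirroring this article's rules.
SAMPLE_RULES="Added user rules (see 'ufw status' for running firewall):
ufw allow from 192.168.0.4 to any port 22
ufw limit 22/tcp
ufw deny in on eth0 to any port 80"

printf '%s\n' "$SAMPLE_RULES" | ssh_rule_state 22      # open
printf '%s\n' "$SAMPLE_RULES" | ssh_rule_state 2222    # missing
```

A result of `missing` or `denied` means `sudo ufw enable` would drop new SSH connections on that port. In the sample, `open` for port 22 shows that the broad limit rule admits every address despite the earlier per-IP rule.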