How to Set Up a Firewall in Linux

A firewall is software that monitors and governs the incoming and outgoing traffic of a system based on predefined rules. By setting up a firewall, you can control who can connect to your computer and which ports they can access. Here we will show you how to set up a firewall on your Linux computer.

Uncomplicated Firewall

The default firewall app in Linux is iptables, and it is pre-installed in almost all Linux distributions. While iptables is highly configurable and flexible, its syntax and configuration can be confusing and hard to understand. UFW (Uncomplicated Firewall) was created to ease the configuration of iptables: it provides a user-friendly, easy-to-understand syntax to set up and configure the firewall.

Setting up a firewall with a graphical app

Gufw is a graphical frontend for UFW, and it provides an easy way for non-technical users to set up a firewall in Linux. Gufw is widely available in most package managers. In Ubuntu, you can install Gufw from the Software Center, or via the command:

sudo apt install gufw

Once installed, open the application. You can see that the status is disabled by default. This means that the firewall is not running.

To enable the firewall, simply click on the Status switch. The default rules block all incoming connections and allow all outgoing connections.


Click on the Report tab and you can see the running apps and their protocol and port.


To configure your firewall to allow incoming connections, you have to add rules.

1. Click on the “Rules” tab and click the “+” button at the bottom.

2. The “Preconfigured” tab comes with preconfigured rules for certain apps. This is particularly useful if you need to configure the firewall for a specific app.

3. The “Simple” tab allows you to set up incoming/outgoing rules for a specific port.

4. The “Advanced” tab allows you to accept (or block) connections from specific IP addresses or network interfaces.

As you can see, setting up a firewall with Gufw is just a matter of a few clicks.

UFW for the command line

If you are running a server, or you prefer to use the terminal, then UFW is the one you should use.

Install UFW in Ubuntu:

sudo apt install ufw

To check the firewall status, use the command:

sudo ufw status

To activate the firewall, use the command:

sudo ufw enable

Similarly, to deactivate UFW:

sudo ufw disable

By default, ufw will block all incoming and allow all outgoing connections. If you have messed up the configuration, you can reset it with the command:

sudo ufw reset

Allowing access to ports

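To connect to a remote server, the server must have ports open to accept incoming connections, so the default rule of denying all incoming traffic won’t work on its own. You will need to allow incoming connections to, at a minimum, the SSH port. If you manage the server over SSH, add this rule before you run sudo ufw enable; otherwise new SSH connections to the server will be blocked once the firewall is active.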

For example, to allow SSH (port 22):

sudo ufw allow ssh

or

sudo ufw allow 22

For a web server, you should also allow access to HTTP (port 80) and HTTPS (port 443):

sudo ufw allow 80
sudo ufw allow 443

Allow access from specific IP addresses

If you want to block all incoming traffic, except for a specific IP address, use the command:

sudo ufw allow from ip_address

To limit the IP address to only access certain ports, you can do it with the command:

sudo ufw allow from ip_address to any port ports

For example, to only allow the IP address 123.231.132.213 to access the SSH port:

sudo ufw allow from 123.231.132.213 to any port 22

You can also use a netmask to define a range of IP addresses:

sudo ufw allow from 123.231.132.0/24 to any port 22

Note: the rules for denying connections are the same as above. Simply replace “allow” with “deny” in the command.

Deleting Rules

Deleting rules in UFW is easy too, though it is not as straightforward.

1. First, list all the rules as a numbered list:

sudo ufw status numbered

2. Next, identify the number of the rule that you want to delete. In this case, we want to remove access to port 3306, which is rules number 2 and 6 in the numbered output. Run the command to delete a rule by its number:

sudo ufw delete 6

That’s it.
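
The port 3306 case above has two matching rules (IPv4 and IPv6), and UFW renumbers the remaining rules after every deletion, so deleting from the highest number down keeps the numbers you looked up valid. The following is an added example, not part of the original article: it assumes the usual column layout of ufw status numbered, uses constructed sample output, and the function names rule_numbers_for_port and delete_plan are hypothetical helpers.

```shell
#!/bin/sh
# Added example: find every numbered UFW rule for one port and print the
# delete commands in descending order, so renumbering cannot shift a target.

# Constructed sample of `sudo ufw status numbered` output (not from a real host).
SAMPLE_STATUS='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 3306                       ALLOW IN    Anywhere
[ 3] 80                         ALLOW IN    Anywhere
[ 4] 443                        ALLOW IN    Anywhere
[ 5] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 6] 3306 (v6)                  ALLOW IN    Anywhere (v6)'

# rule_numbers_for_port PORT: read numbered status text on stdin and print the
# numbers of rules whose "To" column is PORT or PORT/proto, highest first.
rule_numbers_for_port() {
    awk -v port="$1" '
        /^\[ *[0-9]+\]/ {
            num = $0
            sub(/^\[ */, "", num); sub(/\].*/, "", num)   # "[ 2] ..." -> "2"
            rest = $0
            sub(/^\[ *[0-9]+\] */, "", rest)              # drop the "[ n]" prefix
            split(rest, f, " ")
            to = f[1]
            sub(/\/.*/, "", to)                           # drop "/tcp" or "/udp"
            if (to == port) print num                     # exact match: 3306 != 33060
        }' | sort -rn
}

# delete_plan PORT: print one delete command per matching rule, for review
# before anything is changed.
delete_plan() {
    rule_numbers_for_port "$1" | while read -r n; do
        echo "sudo ufw delete $n"
    done
}

# On a live host: sudo ufw status numbered | delete_plan 3306
printf '%s\n' "$SAMPLE_STATUS" | delete_plan 3306
```

Run the printed commands in the order given; each sudo ufw delete asks for confirmation before it removes the rule.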

Conclusion

As you can see, both UFW and Gufw are easy to use and can be easily configured to protect your Linux system. They are also, so far, the easiest way to set up a firewall in Linux.