A firewall is software that monitors and governs the incoming and outgoing traffic of a system based on predefined rules. By setting up a firewall, you can control who can connect to your computer and which ports they can access. Here we will show you how to set up a firewall on your Linux computer.
The default firewall app in Linux is iptables, and it is pre-installed in almost all Linux distributions. While iptables is highly configurable and flexible, its syntax and configuration can be confusing. UFW (Uncomplicated Firewall) was created to ease the configuration of iptables: it provides a user-friendly, easy-to-understand syntax to set up and configure the firewall.
Setting up Firewall with a graphical app
Gufw is a graphical frontend for UFW, and it provides an easy way for non-technical users to set up a firewall in Linux. Gufw is widely available in most package managers. In Ubuntu, you can install Gufw from the Software Center, or via the command:
sudo apt install gufw
Once installed, open the application. You can see that the status is disabled by default. This means that the firewall is not running.
To enable the firewall, simply click on the Status switch. The default rules block all incoming connections and allow all outgoing connections.
Click on the Report tab and you can see the running apps and their protocol and port.
To configure your firewall to allow incoming connections, you have to add rules.
1. Click on the “Rules” tab and click the “+” button at the bottom.
2. The “Preconfigured” tab comes with preconfigured rules for certain apps. This is particularly useful if you need to configure the firewall for a specific app.
3. The “Simple” tab allows you to set up incoming/outgoing rules for a specific port.
4. The “Advanced” tab allows you to accept (or block) connections from specific IP addresses or network interfaces.
As you can see, setting up a firewall with Gufw is just a matter of a few clicks.
UFW for the command line
If you are running a server, or you prefer to use the terminal, then UFW is the one you should use.
Install UFW in Ubuntu:
sudo apt install ufw
To check the firewall status, use the command:
sudo ufw status
To activate the firewall, use the command:
sudo ufw enable
Similarly, to deactivate UFW:
sudo ufw disable
By default, ufw will block all incoming and allow all outgoing connections. If you have messed up the configuration, you can reset it with the command:
sudo ufw reset
Allowing access to ports
To connect to a remote server, you will need to open ports on the server to accept incoming connections. That is why the default rule of denying all incoming traffic won’t work on its own. You will need to allow incoming connections to, minimally, the SSH port. On a remote machine, add this rule before you enable the firewall, or you may lock yourself out.
For example, to allow SSH (port 22), use either of these commands:
sudo ufw allow ssh
sudo ufw allow 22
For a web server, you should also allow access to HTTP (port 80) and HTTPS (port 443):
sudo ufw allow 80
sudo ufw allow 443
Allow access from specific IP addresses
If you want to block all incoming traffic, except for a specific IP address, use the command:
sudo ufw allow from ip_address
To restrict that IP address to certain ports only, use the command:
sudo ufw allow from ip_address to any port ports
For example, to only allow the IP address 220.127.116.11 to access the SSH port:
sudo ufw allow from 220.127.116.11 to any port 22
You can also use a netmask to define a range of IP addresses:
sudo ufw allow from 22.214.171.124/24 to any port 22
Note: the rules for denying connections are the same as above. Simply replace “allow” with “deny” in the command.
Deleting rules in UFW is easy too, though it is not as straightforward.
1. First, list all the rules as a numbered list:
sudo ufw status numbered
2. Next, identify the number of the rule that you want to delete. In this case, we want to remove access to port 3306, which is rules 2 and 6 in the numbered list. UFW renumbers the remaining rules after each deletion, so start with the highest number. Run the command to delete it:
sudo ufw delete 6
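An added example (not part of the original article): a small shell helper that reads the output of sudo ufw status numbered and returns the rule numbers for a given port, highest first, so each rule can be deleted without the renumbering moving the next target. The function names and the sample listing are constructed for illustration, and the loop only prints the delete commands instead of running them.

```shell
#!/bin/sh
# Constructed sample of `sudo ufw status numbered` output (not from the article).
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 3306                       ALLOW IN    Anywhere
[ 3] 80                         ALLOW IN    Anywhere
[ 4] 443                        ALLOW IN    Anywhere
[ 5] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 6] 3306 (v6)                  ALLOW IN    Anywhere (v6)
EOF
}

# rules_for_port PORT
# Reads a numbered status listing on stdin and prints the numbers of the rules
# whose "To" column is PORT or PORT/tcp or PORT/udp, highest number first.
rules_for_port() {
    awk -v port="$1" '
        /^\[ *[0-9]+\]/ {
            num = $0                          # isolate the rule number
            sub(/^\[ */, "", num)
            sub(/\].*$/, "", num)
            rest = $0                         # drop "[ N] " to reach the To column
            sub(/^\[ *[0-9]+\] */, "", rest)
            split(rest, f, " ")
            to = f[1]
            sub(/\/(tcp|udp)$/, "", to)       # "22/tcp" -> "22"
            if (to == port) print num
        }' | sort -rn
}

# Demo on the sample: print (do not run) the delete commands, highest first.
for n in $(sample_status | rules_for_port 3306); do
    echo "sudo ufw delete $n"
done
```

On a live system, pipe the real listing in: sudo ufw status numbered | rules_for_port 3306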
As you can see, both UFW and Gufw are easy to use and can be easily configured to protect your Linux system. They are also, so far, the easiest way to set up a firewall in Linux.