UFW or Uncomplicated Firewall is an interface of the Linux OS that makes it easy for users to configure a firewall on a linux server system.
Firewall itself functions to prevent unwanted access to a local network connection.
Firewalls also allow us to be able to tracing the connection so that we can take action whether we will continue the connection or we reject it.
By default Linux itself has its own firewall system such as Net Filters and Iptables. However, the configuration is quite complicated, so we take advantage of UFW to make it easier to configure the Firewall.
Table of Contents
Install UFW on Ubuntu
Below we use an example of an Ubuntu Virtual Machine. For the first time using UFW, we have to install it first by using Package Management. For how to install it you type the command like this:
$ sudo apt-get install ufw
If you have installed it then we need to check whether UFW is already installed on the system or not by typing:
$ sudo ufw status
Or by using
$ sudo ufw verbose status
The picture above shows that UFW is still not active, so we need to do a basic configuration.
The first basic configuration is that we need to block incoming and allow outgoing so that incoming packets to our server will be blocked but outgoing packets will be allowed. Enter the command as follows:
$ sudo ufw default deny incoming
$ sudo ufw default deny outgoing
Allow SSH services
After that you also need to allow the services you want to use, on Linux this time it’s as if using a VPS or cloud service. So it requires remote service with SSH service. To allow SSH service we need to do the following command:
$ sudo ufw allow ssh
$ sudo ufw allow 22 / tcp
$ sudo ufw enable
After we do basic configuration, we need to check whether the UFW service is running by:
$ sudo ufw verbose status
Check Services that
have not been allowed On this server, I have allowed several services as illustrated below:
To check whether the UFW service is running by checking the services that have not been allowed. For example, what we have not allowed is the telnet, http, mysql, and 8080 services. On this server IP is 192.168.88.252.
Copy the server IP to the address bar of your browser then hit enter. If UFW is already working, the browser will continue to load, which means it is blocked by UFW.
Allow web server services
With the above command we have activated 3 services on the server.
Allow Multiple Ports At Once
We will try to “allow” multiple ports on this UFW at once so that we can configure the Firewall quickly. For example we will allow port from 1000 to port 2000 in the following way:
$ sudo ufw allow 1000: 2000 / tcp
$ sudo ufw allow 1000: 2000 / udp
Allow a specific IP address
We will try to create a new rule for a specific IP address in a way :
$ sudo ufw allow from 192.168.88.252 The
picture above shows that my IP can access the server without worrying about being blocked by UFW.
How to Delete UFW Rules
For how to delete UFW rules you can type a command like the following:
$ sudo ufw delete allow from 192.168.88.252
How to Reset UFW configuration
If we want to reset the UFW we have created, or want to remove all the rules we have created. then we need to enter the command as below:
$ sudo ufw reset
If the UFW status is already inactive it means that UFW is no longer running on the server.
How to Deactivate the UFW Service
If you want to disable the UFW service on the server then you only need to enter the following command:
$ sudo ufw disable
That’s the review of UFW on a Linux server this time, and you need to know that this UFW service can only secure Linux servers. dedicated.
If you want to secure the whole network then you need to use a Firewall or next generation Firewall which is the best solution for securing the network.
You can also consult the network firewall to direct NETDATAnamely on its official www.nds.idwebsite.That’s the tutorial this time and look forward to the next tutorial, hope it’s useful.