Set Up UFW on Ubuntu

How to set up a quick and easy firewall on a Linux machine using UFW

UFW, or Uncomplicated Firewall, is a front-end to iptables. Its main goal is to make managing your firewall drop-dead simple and to provide an easy-to-use interface. It’s well-supported and popular in the Linux community—even installed by default in a lot of distros.

Install on Ubuntu

sudo apt install ufw

Check the status

sudo ufw status verbose

At this point, it will probably report "inactive". You will be able to see the list of rules once you activate UFW.

Allow SSH

If on a remote machine, it is very important to allow SSH connections before you activate UFW or you could get locked out of the machine.

To allow ssh connections, do the following:

sudo ufw allow ssh

Activate UFW

sudo ufw enable

Deactivate UFW

sudo ufw disable

Setup defaults

A sensible default for a typical firewall is to deny all incoming traffic to the machine and allow all outgoing traffic from it. This can be set up with the following commands:

sudo ufw default deny incoming
sudo ufw default allow outgoing

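Of course, you can also deny all outgoing traffic by default, which could prevent remote shell attacks that depend on the machine connecting back out. If you do, you must explicitly allow the outbound traffic the machine needs (for example DNS and package updates).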

Add other rules

HTTP

sudo ufw allow http

HTTPS

sudo ufw allow https

TCP

sudo ufw allow 53/tcp

UDP

sudo ufw allow 15563/udp

Delete rules

sudo ufw delete allow 15563/udp

OR

Get a numbered list of rules and then use the line number to delete the rule:

sudo ufw status numbered
sudo ufw delete [number]

where [number] is the rule's line number.

Reset

To reset the rules to the server's defaults, use the following command. Note that this also disables UFW, so it must be enabled again afterwards:

sudo ufw reset
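
To check that a machine ended up in the state this guide describes (firewall active, incoming traffic denied by default, SSH still allowed in), the following added example parses the output of "ufw status verbose". It is not part of the original guide; the function names and the sample status text are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original guide): audit `ufw status verbose` text.
# Reads the status output on stdin, prints PASS/FAIL per check, and returns
# 0 only when all three checks pass.
audit_ufw_status() {
    awk '
        function report(msg, ok) {
            printf "%s: %s\n", (ok ? "PASS" : "FAIL"), msg
            if (!ok) fails++
        }
        /^Status:/  { active = ($2 == "active") }
        /^Default:/ { deny_in = ($0 ~ /deny \(incoming\)/) }
        # Rule rows look like: 22/tcp   ALLOW IN   Anywhere
        # `ufw allow ssh` resolves to 22/tcp; LIMIT also admits connections.
        $1 ~ /^22(\/tcp)?$/ && $2 ~ /^(ALLOW|LIMIT)$/ && $3 != "OUT" { ssh_in = 1 }
        END {
            report("firewall is active", active)
            report("default incoming policy is deny", deny_in)
            report("inbound SSH (22/tcp) is allowed", ssh_in)
            exit (fails > 0)
        }
    '
}

# Constructed sample of `sudo ufw status verbose` after following the guide.
sample_status() {
    cat <<'EOF'
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
80/tcp                     ALLOW IN    Anywhere
443/tcp                    ALLOW IN    Anywhere
53/tcp                     ALLOW IN    Anywhere
15563/udp                  ALLOW IN    Anywhere
EOF
}

# Demo on the constructed sample; on a real host use:
#   sudo ufw status verbose | audit_ufw_status
sample_status | audit_ufw_status
```

A non-zero exit status means at least one check failed, which makes the function usable in a provisioning script or a scheduled check.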