Difference between revisions of "Operating Systems/Linux/Ubuntu/Ubuntu 16.04 LTS/Firewalls"
| VistaCypat (talk | contribs)  | |||
| (2 intermediate revisions by 2 users not shown) | |||
| Line 37: | Line 37: | ||
| <code>Rule added</code> | <code>Rule added</code> | ||
| − | In this example, from 203.0.113.100 specifies a source IP address of  | + | In this example, from 203.0.113.100 specifies a source IP address of (enter IP address here). | 
| If you run <code>sudo ufw</code> status now, you’ll see the specified IP address listed as denied: | If you run <code>sudo ufw</code> status now, you’ll see the specified IP address listed as denied: | ||
| Line 60: | Line 60: | ||
| To allow all network connections that originate from a specific IP address, run the following command, replacing the highlighted IP address with the IP address that you want to allow access: | To allow all network connections that originate from a specific IP address, run the following command, replacing the highlighted IP address with the IP address that you want to allow access: | ||
| − | <code>sudo ufw allow from  | + | <code>sudo ufw allow from (enter IP address here)</code> | 
| <code>Output</code> | <code>Output</code> | ||
| Line 76: | Line 76: | ||
| Anywhere                   ALLOW       203.0.113.101   | Anywhere                   ALLOW       203.0.113.101   | ||
| You can also allow connections from a whole subnet by providing the corresponding subnet mask for a host, such as 203.0.113.0/24. | You can also allow connections from a whole subnet by providing the corresponding subnet mask for a host, such as 203.0.113.0/24. | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| ==== GUI ==== | ==== GUI ==== | ||
Latest revision as of 21:31, 10 April 2025
Why?[edit | edit source]
Firewalls are critical for secure computer usage as prevent unwanted (and potentially malicious) connections from being made.
UFW[edit | edit source]
What is it?[edit | edit source]
UFW standing for Uncomplicated FireWall, is the integrated firewall in all versions of Ubuntu 8.04 LTS and later; it has a graphical element (GUFW) that is also available for use. It is a firewall configuration tool running on top of iptables. UFW is a powerful tool that can greatly improve the security of your servers when properly configured.
How to configure[edit | edit source]
Status[edit | edit source]
To check if ufw is enabled, run:
sudo ufw status
Output:
Status: inactive
The output will indicate if your firewall is active or not.
Enabling[edit | edit source]
If you got Status: inactive message when running ufw status, it means the firewall is not yet enabled on the system. You’ll need to run this command to enable it:
sudo ufw enable
Disabling[edit | edit source]
If you need to disable UFW, you can do so with the following command:
sudo ufw disable
Be aware that this command will fully disable the firewall service on the system.
Blocking an IP[edit | edit source]
To block all network connections that originate from a specific IP address, run the following command, replacing the IP address with the IP address that you want to block:
sudo ufw deny from 203.0.113.100
Output
Rule added
In this example, from 203.0.113.100 specifies a source IP address of (enter IP address here).
If you run sudo ufw status now, you’ll see the specified IP address listed as denied:
Output
Status: active
To Action From -- ------ ---- Anywhere DENY 203.0.113.100 All connections, coming in or going out, are blocked for the specified IP address.
Blocking a subnet[edit | edit source]
If you need to block a full subnet, you may use the subnet address as from parameter on the ufw deny command. This would block all IP addresses in the example subnet 203.0.113.0/24:
sudo ufw deny from 203.0.113.0/24
Output:
Rule added
Allowing an IP adress[edit | edit source]
To allow all network connections that originate from a specific IP address, run the following command, replacing the highlighted IP address with the IP address that you want to allow access:
sudo ufw allow from (enter IP address here)
Output
Rule added
If you run sudo ufw status now, you’ll see output similar to this, showing the word ALLOW next to the IP address you just added.
Output
Status: active
To Action From -- ------ ---- ... Anywhere ALLOW 203.0.113.101 You can also allow connections from a whole subnet by providing the corresponding subnet mask for a host, such as 203.0.113.0/24.
GUI[edit | edit source]
- Press Alt+F2 and run GUFW, pass the authentication check
- Turn the status slider to "on"
CLI[edit | edit source]
- open the terminal
- sudo ufw enable
- you can use ufw -helpto find other commands for further customization