FIREWALLS


A firewall is an essential tool used to allow or block devices or services from communicating with your network. This is done by blocking unwanted ports, IP addresses or domains. The following tools can be used to accomplish this.

UFW FIREWALL


UFW is a program used for managing a Linux firewall. Network ports, IP addresses and services can be easily allowed or blocked using this tool.

01

Firewall Status Commands

Check to see if the system has a firewall pre-installed. The status command will also show any rules that have been applied. The UFW firewall will not be enabled or started after it has been installed. Use the following commands to check its status and change its options. The last section will cover how to add and remove rules.

Check firewall status
Use the verbose option for a more detailed output.

fosman@linux-server:~$ sudo ufw status verbose

Enable, Disable, Start and Stop
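The UFW firewall is not enabled on startup by default. Use enable and disable to turn the firewall on or off; the ufw command has no start or stop subcommand, so starting and stopping the service is done through systemctl.

fosman@linux-server:~$ sudo ufw enable
fosman@linux-server:~$ sudo ufw disable
fosman@linux-server:~$ sudo systemctl start ufw
fosman@linux-server:~$ sudo systemctl stop ufw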

02

Install UFW (Uncomplicated Firewall)

If the UFW firewall is not already on the system, it can be easily installed using the following commands.

Update the system and install UFW

fosman@linux-server:~$ sudo apt update
fossman@linux-server:~$ sudo apt install ufw

03

Enable UFW

Enable the UFW firewall on system start

Enable on startup and confirm

fossman@linux-server:~$ sudo ufw enable
fossman@linux-server:~$ sudo ufw status verbose

04

Configuration (Add/Remove Rules)

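By default, no rules will be applied. If you would like to add any, the following commands can be used. In this example a rule for SSH will be added to the firewall, which will allow all connections that use this protocol. If you manage the server over SSH, add this rule before enabling the firewall, because UFW's default policy denies incoming connections.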

Allow SSH through the firewall

fossman@linux-server:~$ sudo ufw allow ssh

Confirm the rule was added

fossman@linux-server:~$ sudo ufw status verbose

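Use the following commands to remove a rule. List the rules with their numbers first, then delete the rule by replacing rule_number with the number shown.

fossman@linux-server:~$ sudo ufw status numbered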
fossman@linux-server:~$ sudo ufw delete rule_number
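
Removing several rules by number has one catch: UFW renumbers the remaining rules after every delete, so numbers read from a single listing are only valid if the highest number is deleted first. The script below is an added example, not part of the original page; the function names and the sample listing are constructed for illustration. It reads `ufw status numbered` output and prints the delete commands in a safe order.

```shell
#!/usr/bin/env bash
# Added example: plan "ufw delete" commands from a numbered status listing.

# Constructed sample of `sudo ufw status numbered` output after allowing
# SSH and HTTP (each rule has an IPv4 entry and a "(v6)" twin).
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 4] 80/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
}

# rule_numbers_desc TARGET
# Reads a numbered listing on stdin and prints, highest first, the numbers of
# the rules whose "To" column starts with TARGET (for example 22/tcp).
# Only the first word of the "To" column is compared.
rule_numbers_desc() {
    sed -n 's/^\[ *\([0-9][0-9]*\)\] *\([^ ]*\) .*/\1 \2/p' |
        awk -v t="$1" '$2 == t { print $1 }' |
        sort -rn | tr '\n' ' ' | sed 's/ $//'
}

# delete_plan TARGET
# Prints one delete command per matching rule. Deleting from the highest
# number down keeps the lower numbers valid while the list is renumbered.
delete_plan() {
    for n in $(rule_numbers_desc "$1"); do
        echo "sudo ufw delete $n"
    done
}

# Show the plan for the constructed listing. On a real system, replace
# sample_status with: sudo ufw status numbered
sample_status | delete_plan 22/tcp
```

The script only prints the commands; each `ufw delete` still asks for confirmation when it is run.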