How To Set Up a Firewall with UFW in Ubuntu / Debian

admin
Created: 11 Apr 2021 at 18:16

Introduction

The Linux kernel includes the Netfilter subsystem, which is used to manipulate or decide the fate of network traffic headed into or through your server. All modern Linux firewall solutions use this system for packet filtering.

UFW - Uncomplicated Firewall

The default firewall configuration tool for Ubuntu is UFW. Developed to ease iptables firewall configuration, UFW provides a user-friendly way to create an IPv4 or IPv6 host-based firewall.

UFW is disabled by default. From the UFW man page:

"UFW is not intended to provide complete firewall functionality via its command interface, but instead provides an easy way to add or remove simple rules. It is currently mainly used for host-based firewalls."

How to install UFW in Ubuntu / Debian

UFW is part of the standard Ubuntu 20.04 installation and should be present on your system. If for some reason it is not installed, you can install the package by typing:


# Install UFW

sudo apt update

sudo apt install ufw

How to enable or disable UFW

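With these commands we can enable or disable UFW on our operating system. There is also a third option, reset, which is covered below in this article. If you manage the server over SSH, allow the SSH port (shown below) before enabling UFW, because the default policy blocks incoming connections.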


# Enable uncomplicated firewall

sudo ufw enable

# Disable uncomplicated firewall

sudo ufw disable

Setting up default policies

The default behavior of the UFW Firewall is to block all incoming and forwarding traffic and allow all outbound traffic. This means that anyone trying to access your server will not be able to connect unless you specifically open the port. Applications and services running on your server will be able to access the outside world.


# Setting Up Default Policies

sudo ufw default deny incoming

sudo ufw default allow outgoing

How to add or deny a specific port

Allowing a port permits connections to that specific port. In this case we allow SSH connections to port 22, or, if we prefer, deny them.


# Add port

sudo ufw allow 22

# Deny port

sudo ufw deny 22

How to remove a specific rule

Sometimes we don't need some of the rules we have created so we can delete them with this simple command.


# Remove rule

sudo ufw delete deny 22

Allow port only from a specific IP

In this case we are going to allow access to our server (TCP port 22) only from the IP address 192.168.0.2; other IP addresses are going to be declined.


# Allow 192.168.0.2 to access our server

sudo ufw allow proto tcp from 192.168.0.2 to any port 22

Check firewall status

UFW is disabled by default. You can check the status of the UFW service with the following command:


# Check status

sudo ufw status

Working with applications

An application profile is a text file in INI format that describes the service and contains firewall rules for the service. Application profiles are created in the /etc/ufw/applications.d directory.

View which applications have installed a profile

sudo ufw app list

Allow application

sudo ufw allow samba

Allow only a specific IP or IP range to access the application

sudo ufw allow from 192.168.0.0/24 to any app samba

sudo ufw allow from 192.168.0.2 to any app samba

Details about which ports, protocols, etc., are defined for an application

sudo ufw app info samba


Enable logs for UFW

Firewall logs are essential for recognizing attacks, troubleshooting your firewall rules, and noticing unusual activity on your network. You must include logging rules in your firewall for them to be generated, though, and logging rules must come before any applicable terminating rule (a rule with a target that decides the fate of the packet, such as ACCEPT, DROP, or REJECT).

Enable logs

sudo ufw logging on

Disable logs

sudo ufw logging off


Connections to a Specific Network Interface

If you want to create a firewall rule that only applies to a specific network interface, you can do so by specifying "allow in on" followed by the name of the network interface.

Check the name of your network interface

ip addr

Example

1: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state

Allow traffic arriving on the interface to a port

sudo ufw allow in on eth0 to any port 80


Resetting UFW

This will disable UFW and delete any rules that were previously defined. Keep in mind that the default policies won't change to their original settings, if you modified them at any point. This should give you a fresh start with UFW.

Reset UFW

sudo ufw reset



Video tutorial covering the steps in this article

https://youtu.be/VtWo_oSbEm0
