Ubuntu 12 - Managing firewall with UFW

Ufw (Uncomplicated Firewall) is there to make firewall configuration easier to manage/set up. Here are some basic commands/info.
    To install ufw if you don't already have it, run:
    sudo apt-get install ufw
    Ufw is DISABLED by default in ubuntu and you have to enable it:
    ufw enable
    However you probably don't want to just enable it for one session, but to start up at boot. To make sure it starts up at boot change this config file from ENABLED=no to ENABLED=yes:
    vi /etc/ufw/ufw.conf

Check Current Status / Rules

sudo ufw status

Setup Default Deny

You probably want ufw to deny everything by default and then add ports and ips later:

ufw default deny

Allow Protocol on Port

ufw allow (port-number-here)/(protocol-here)

Example:

ufw allow 22/tcp

Completely Unblock Port (less safe)

To allow a any ip and protocol on a certain port:

ufw allow (port-number-here)

Allow IP Complete Access

ufw allow from (ip-here)

Allow IP Range

ufw allow from (ip-here)/(cidr-number-here e.g. 20)

Block an IP

sudo ufw insert 1 deny from $IP_HERE
The insert 1 is important, as ufw will accept the connection if there is any rule with accept before the ip, e.g. an accept on port 80 before denying that ip, will allow that ip to connect on port 80.

Deleting Rules

There are many ways to delete rules in UFW, but the simplest way is to list the rules with their numbers/indexes and then delete by index with the following two commands:

sudo ufw status numbered
sudo ufw delete $RULE_NUMBER_HERE

Please Note

I believe rules from iptables can mix with ufw. For example, I have set up some routing rules in iptables for openvpn before then setting up  ufw to default block and allow ports 22 and 1194 and I can still browse the internet etc so packet forwarding is still working.

No comments:

Post a Comment