An uncomplicated introduction to Firewall in linux(UFW on Ubuntu)

When I heard the name Firewall for computer network, I imagined it to be a protective layer that destroys anything harmful in the transport. Like a wall of actual fire (please don't judge me, I was young and imaginative)

As I grew up, the urge to learn more about firewall was lost in the process of learning cooler and commercially viable technologies. But back in 2011, I tried to deploy a WordPress application in a linux server for the very first time. I did it several times in shared hosting, but never did it by my own on a Linux server. And after I deployed the application, I expected everything to work, I even made a curl request from inside the server, and it seems to be working fine.

But when I tried to access the application from outside, The application wasn't working 😠. I tried everything(I thought I did), still no luck.  Then I did what every other engineer would do, I searched for the solution and found it in StackOverflow.

The solution had something to do with iptables , I just copied and pasted Like a boss, and then the problem was solved. And I had an impression that iptable is a tool that opens and closes ports from a linux computer (Still didn't know that was a firewall)

I came back to iptables while writing an article in my blog, with full disclosure, I did not know too much about iptables back then, but I had to study it, and when I looked up iptables I also got introduced with linux host firewall, and their working principles. I had a really tough time figuring out the syntax for iptables command and I always keep forgetting them.

Two years ago, One of my Colleagues introduced me to ufw , and I was surprised to see how convenient it was. Suddenly managing iptables became super fun.

Most ubuntu distributions come with ufw preinstalled, if it's not included, installing it just a package manager command away. And once installed, ufw is disabled by default, and it should.

Let's start by adding some ground rules, Turn off all incoming connections:

sudo ufw default deny incoming

This rule states that incoming connection will be blocked in all the ports (If you are doing it with ssh, don't worry. This rule will only be effective when ufw is enabled)

Let's allow all outgoing connections(Unless you want to restrict your applications to make outgoing connection...and of course, apt won't work either)

sudo ufw default allow outgoing

So far the rules are straightforward, Application on the linux computer can communicate with other computers, but they are not accessible from outside of the server. For example: you can download files from other servers from that linux machine, but nothing will be downloaded from that server.

Let's start opening windows (pun intended) for some of the services. Let's start by opening SSH:

sudo ufw allow ssh

ufw knows the default port for SSH (22), so the command will open incoming connection for port 22. If you belong to the clever people group and change the ssh port, you can also mention the port number. For example if the port is 2200:

sudo ufw allow 2200

Now if you are planning to run a HTTP/HTTPS Application, those ports can be opened in the same way:

## FOR HTTP

# By Protocol name
sudo ufw allow http
# Or you can enable by port number
sudo ufw allow 80

## FOR HTTPS

# By Protocol name
sudo ufw allow https
# Or you can enable by port number
sudo ufw allow 443

When you are done with all the opening and closing, Now it's time to enable ufw , that is one command away. Just run the following command:

sudo ufw enable

You might see a warning about SSH, like this screenshot below. In that case, don't worry, we already allowed SSH port. Just input y

Congratulations! You have successfully configured a basic client firewall. If you run the command  sudo ufw status , you should see something like the following:

Status: active

To                         Action      From
--                         ------      ----
22                         ALLOW       Anywhere
80                         ALLOW       Anywhere
443                        ALLOW       Anywhere
22 (v6)                    ALLOW       Anywhere (v6)
80 (v6)                    ALLOW       Anywhere (v6)
443 (v6)                   ALLOW       Anywhere (v6)

It means everything is working correctly.

Now, Firewalls, even ufw is more sophisticated and powerful, and I really could not do enough justice to the useful tool with this small article. Please find some of the resources available to learn more about ufw

Hope you Article helped you in some way.

UFW Resources:

  1. UFW on Ubuntu Wiki
  2. Manpage for UFW