Friday, October 30, 2020

Advanced UFW Firewall Configuration in Ubuntu 20.04 – Linux Hint


Uncomplicated Firewall, abbreviated as UFW, is an easy-to-use and reliable firewall interface. It supports both IPv4 and IPv6 on Ubuntu. This article will show you how to install UFW and how to configure advanced firewall rules in Ubuntu 20.04.

Install UFW on Ubuntu 20.04

UFW is available on Ubuntu-based distributions, but in case you deleted it by mistake, you can install it again. Follow the steps below to do so.

Step 1: Update APT

As always, first, update your APT. Do so by entering the following command:

Step 2: Upgrade APT

Now, upgrade your APT. To do so, enter the command below:

Step 3: Download and Install UFW

Enter the following command to download and install UFW onto your Ubuntu machine:

You will be prompted with a yes/no condition. Select “y” to continue the installation.

Step 4: Enable/Disable UFW

You can enable/disable the UFW service every time the system boots up via the following command:

Check the current status of UFW using the terminal command below:

Step 5: Block Incoming and Allow Outgoing Data Traffic

To block all incoming traffic and allow all outgoing traffic, which is the default configuration in the UFW policy, enter the following two commands (the first is for outgoing, the second is for incoming):

$ sudo ufw default allow outgoing

$ sudo ufw default deny incoming

Step 6: Add, Modify, and Delete Firewall Rules

You can add, modify, and delete firewall rules using two different methods, port number or service name. Enter either of the following commands to do so:

Filter the data packets using different protocols.

Step 7: Check Status of Updated Rules

You can check the status of the updated rules with the terminal command given below:

$ sudo ufw status verbose

Using Advanced UFW Rules

You can allow or deny access from a specific IP address. The first command below allows the IP address to reach all services; the second denies it:

$ sudo ufw allow from 162.197.1.100

$ sudo ufw deny from 162.197.1.100

Authorize an IP address to gain access to a TCP port using the terminal command given below:

$ sudo ufw allow from 162.197.1.100 to any port 80 proto tcp

You can also open a range of ports. To do so, execute the following command:

$ sudo ufw allow 2000:3000/tcp

You can also allow a single IP address to reach a port while denying the rest of its subnet. Enter the allow rule first, because UFW applies the first rule that matches:

$ sudo ufw allow from 162.197.0.86 to any port 22

$ sudo ufw deny from 162.197.0.0/24 to any port 22
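
The order of the two port 22 rules above matters because UFW applies the first rule that matches a packet. The following is an added example, not code from the original article or from UFW: a small shell model of first-match evaluation, in which the function names `ip_to_int`, `in_cidr` and `evaluate` and the `action source port` rule format are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: a model of first-match rule evaluation, not UFW's own code.
# The rule format "action source port" is an assumption made for this sketch.

# Convert a dotted-quad IPv4 address to an integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Succeed if address $1 is inside $2 (CIDR, bare address = /32, or "any").
in_cidr() {
    [ "$2" = "any" ] && return 0
    net=${2%/*}; bits=32
    case $2 in */*) bits=${2#*/} ;; esac
    [ "$bits" -eq 0 ] && return 0
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# evaluate RULES SRC_IP PORT: print the action of the first matching rule,
# or "deny" (the default incoming policy set in Step 5) if none matches.
evaluate() {
    while read -r action src port; do
        [ -z "$action" ] && continue
        if [ "$port" = "$3" ] && in_cidr "$2" "$src"; then
            echo "$action"; return 0
        fi
    done <<EOF
$1
EOF
    echo deny
}

# Constructed rule sets: the article's two port 22 rules in both orders.
ALLOW_FIRST='allow 162.197.0.86 22
deny 162.197.0.0/24 22'
DENY_FIRST='deny 162.197.0.0/24 22
allow 162.197.0.86 22'

for ip in 162.197.0.86 162.197.0.20 198.51.100.7; do
    echo "$ip allow-first=$(evaluate "$ALLOW_FIRST" "$ip" 22)" \
         "deny-first=$(evaluate "$DENY_FIRST" "$ip" 22)"
done
```

On a live system, `sudo ufw status numbered` shows the order in which rules are evaluated, and `sudo ufw insert 1 allow from 162.197.0.86 to any port 22` places an allow rule ahead of an existing deny.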

Allow incoming traffic to a port on a specific Ethernet interface by entering the following:

$ sudo ufw allow in on eth0 to any port 80

By default, UFW allows all ping requests; you can change this by editing the configuration file in your favorite text editor.

$ sudo gedit /etc/ufw/before.rules

Now, remove the lines given below. Only the echo-request line governs ping; the other four accept ICMP error messages such as destination-unreachable, which path MTU discovery depends on.

-A ufw-before-input -p icmp --icmp-type destination-unreachable -j ACCEPT
-A ufw-before-input -p icmp --icmp-type source-quench -j ACCEPT
-A ufw-before-input -p icmp --icmp-type time-exceeded -j ACCEPT
-A ufw-before-input -p icmp --icmp-type parameter-problem -j ACCEPT
-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT

Save this file and close it.

To reset all the rules in UFW, execute the following terminal command:

Conclusion

That is all about UFW, using the UFW firewall rules, and using the UFW advanced firewall rules.
