UFW, short for Uncomplicated Firewall, is a simplified firewall front end built on top of iptables, which makes it much easier to configure than iptables itself. Technically, ufw is a program for managing a netfilter firewall that aims to provide an easy-to-use interface for the user.
Why do we need UFW (Uncomplicated Firewall)?
Consider protocols like ssh and ftp: if their ports are left open for anyone to connect, attackers or malicious users may cause a massive security breach. This is where the need for a firewall comes from. A firewall lets us keep remote access to the system, but in a limited fashion. For example, a firewall can leave certain ports open to only a few IP addresses, limiting exposure and allowing connections only from trusted devices.
Thus, if we do not lock down ssh, ftp or any other protocol, we create a massive vulnerability in our system by leaving that protocol's designated port open for everyone to access. With a firewall, we can provide remote access while locking the system down to keep malicious users or hackers from gaining access. UFW aims to provide an easy-to-use interface for people who are unfamiliar with basic firewall concepts.
At the same time, ufw simplifies complicated iptables commands and thus helps an administrator work more efficiently.
Basic Commands to understand the functioning of ufw
Before practicing the commands, make sure that ufw is installed on your system. Ubuntu ships with ufw installed by default, but if it is not present, you can install it by running either of the following commands:
sudo apt install ufw
sudo apt-get install ufw
Let’s start with the basic commands:
- To enable ufw,
Command: sudo ufw enable
- To disable ufw,
Command: sudo ufw disable
- To check the status of the ufw rules,
Command: sudo ufw status verbose
– The status is inactive if ufw is disabled.
– If ufw is enabled, its status is active.
In the status output, the Default line includes:
- deny (incoming): This makes sure that no outside system can connect to your machine unless a rule allows it.
- allow (outgoing): This means that all outgoing requests are allowed.
- disabled (routed): This means that all routing is disabled and forwarding is blocked.
- To add a rule,
Command: sudo ufw allow port_number
- To allow a specific IP,
Command: sudo ufw allow from ip_address to any port port_number
- To allow an IP range,
Command: sudo ufw allow from ip_address/24 to any port port_number
- To allow a specific protocol,
Command: sudo ufw allow protocol_name
- To check the status with a serial number next to each rule,
Command: sudo ufw status numbered
- To remove a rule by its serial number,
Command: sudo ufw delete serial_number
- To deny a protocol,
Command: sudo ufw deny protocol_name
- To reset all rules,
Command: sudo ufw reset
The reset command is an alternative to deleting each rule one by one. Note that it also disables ufw and returns it to its installation defaults.
This is just an overview of the concept and a few ufw commands to practice.
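To tie the commands above back to the risk described earlier (ssh or ftp left open to everyone), the following added example, which is not part of the original article, reads `ufw status numbered` output and prints the serial numbers of ALLOW rules that expose a sensitive port to any source. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `sudo ufw status numbered` output (not from a real host).
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 21/tcp                     ALLOW IN    192.168.1.0/24
[ 3] 80/tcp                     ALLOW IN    Anywhere
[ 4] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 5] 21/tcp                     DENY IN     Anywhere
EOF
}

# Print the serial numbers of ALLOW rules that open a sensitive port
# (default: 21 ftp, 22 ssh) to any source address.
# Real use: sudo ufw status numbered | open_sensitive_rules "21 22"
# Limitation: rules listed by application profile name instead of a
# port number are not matched.
open_sensitive_rules() {
    ports="${1:-21 22}"
    # Keep only rule lines and turn "[ 1] ..." into "1 ..."
    sed -n 's/^\[ *\([0-9][0-9]*\)] */\1 /p' |
    awk -v ports="$ports" '
        BEGIN { n = split(ports, p, " "); for (k = 1; k <= n; k++) want[p[k]] = 1 }
        {
            num = $1
            split($2, to, "/")              # "22/tcp" -> port 22
            if (!(to[1] in want)) next
            i = 3; if ($i == "(v6)") i++    # skip the IPv6 marker after "To"
            j = i + 1; if ($j == "IN") j++  # skip the direction word
            if ($i == "ALLOW" && $j == "Anywhere") print num
        }'
}

# Stand-alone run on the constructed sample: prints 1 and 4.
sample_status | open_sensitive_rules
```

Each flagged rule can be removed with `sudo ufw delete serial_number` and replaced by the `allow from ip_address to any port port_number` form shown above.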
Hope it helps.