How to Add Custom Firewall Rules on Ubuntu, published by African2nice.
A firewall is a must on every operating system, both to manage traffic and to deter attackers from gaining access to your computer. Nowadays, firewalls are available for almost every platform, and Linux is no different. Today, we’re going to learn how to create custom traffic filtering rules for a firewall on an Ubuntu computer. It’s easy to do but can get messy if not done correctly. If you have a spare computer available, I suggest experimenting with firewall rules on it to get familiar with how things work. So, let’s get started and learn to create custom firewall rules on an Ubuntu machine.
Remember, the more custom firewall rules you create, the more time you have to spend managing them. So, before you create a custom rule, always make sure it is necessary.
After going through this tutorial, you’ll be able to add, delete, and edit custom firewall rules on your Ubuntu computer. The tool used below can be used on other Linux distributions as well.
Understanding the Basics
By default, the firewall management tool on Ubuntu is iptables. However, using it can be a bit overwhelming for less technical users.
To make firewall management easier, Uncomplicated Firewall (UFW) is the best option, and that’s what we’re going to use in this tutorial.
Install UFW
Although UFW comes preinstalled on Ubuntu, if it is not available on your system, you can install it using the following commands.
# Install Uncomplicated Firewall (UFW)
sudo apt update
sudo apt install ufw
# Install Uncomplicated Firewall (UFW) GUI Application
sudo apt-get install gufw
As you can see, a GUI is also available, in case you prefer not to use the command line.
Check Firewall Status
Best practice is to always check the current status of the firewall first. You can check it using the following command.
# Check firewall status
sudo ufw status
If the firewall is currently inactive, the command shown above will report that status.
Enable or Disable Firewall
To enable or disable the ufw firewall, use the following commands.
# Enable firewall
sudo ufw enable
# Disable firewall
sudo ufw disable
It is highly recommended to reboot your Ubuntu computer after enabling or disabling the firewall. Failing to do so may result in unwanted traffic behavior.
Managing Traffic on IP Addresses and Ports
While creating custom firewall rules, the most common action is to allow or deny traffic from specific IP addresses. And, that’s what we’re going to learn. Here we go!
# Allow incoming packets from a specific IP address
sudo ufw allow from 111.11.33.44
# Deny incoming packets from a specific IP address
sudo ufw deny from 111.11.33.44
To allow traffic from a range of IP addresses in a local network, specify the subnet in CIDR notation using the following command.
# Allow incoming packets from a range of IP addresses
sudo ufw allow from 192.168.1.10/18
A more advanced rule may involve port and protocol too. Here’s an example.
# Deny incoming packets from a specific IP address for port 3457 and protocol TCP
sudo ufw deny from 111.11.33.44 to any port 3457 proto tcp
If you think you’ve messed up the traffic and want to roll back to the default firewall state, use the following command.
# Reset firewall to the default state
sudo ufw reset
If you want to delete any custom rule, simply prefix that rule with the delete directive. Here’s how you should do it.
# Delete the rule → (Allow incoming packets from a range of IP addresses)
sudo ufw delete allow from 192.168.1.10/18
If you have a large set of custom rules and you want to delete a specific one but don’t remember the command you used earlier, use the rule number to delete it easily.
To do that, first of all, list the rules with their ID number using the following command.
# List the rules with their ID numbers
sudo ufw status numbered
Once you’ve picked the rule from the list, use its ID number to delete it.
# Delete a rule using its ID number
sudo ufw delete 27
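UFW renumbers the remaining rules after every deletion, so when several rules have to go, delete from the highest ID down or the later IDs will point at the wrong rules. The script below is an added example, not part of the original tutorial: it reads `ufw status numbered` output, finds the rules whose source matches an address, and prints the delete commands in a safe order. The function names and the sample output are constructed for illustration.

```sh
#!/bin/sh
# Constructed sample of `sudo ufw status numbered` output (not from a real host).
SAMPLE_STATUS='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 3457/tcp                   DENY IN     111.11.33.44
[ 3] Anywhere                   ALLOW IN    192.168.0.0/18
[ 4] Anywhere                   DENY IN     111.11.33.44
[ 5] 22/tcp (v6)                ALLOW IN    Anywhere (v6)'

# rule_ids_from ADDRESS
# Reads status output on stdin and prints the IDs of rules whose "From"
# column starts with ADDRESS, highest ID first.
rule_ids_from() {
    awk -v src="$1" '
        /^\[ *[0-9]+\]/ {
            # Rule ID: the number between the square brackets.
            id = $0
            sub(/^\[ */, "", id)
            sub(/\].*$/, "", id)
            # The From column begins right after the action keyword.
            if (match($0, / (ALLOW|DENY|REJECT|LIMIT)( IN| OUT| FWD)?[ \t]+/)) {
                rest = substr($0, RSTART + RLENGTH)
                split(rest, f, /[ \t]+/)
                if (f[1] == src) print id
            }
        }' | sort -rn
}

# delete_plan ADDRESS
# Prints (does not run) one delete command per matching rule, bottom-up,
# so each ID is still valid when its command is executed.
delete_plan() {
    rule_ids_from "$1" | while read -r id; do
        echo "sudo ufw delete $id"
    done
}

# Demo on the constructed sample. On a real host:
#   sudo ufw status numbered | delete_plan 111.11.33.44
printf '%s\n' "$SAMPLE_STATUS" | delete_plan 111.11.33.44
```

Review the printed plan before running it; UFW still asks for confirmation on each delete.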
At times, you may want to revert to the default filtering rules for the firewall. To do that, use the following commands.
# Revert to the default filtering rules
sudo ufw default deny incoming
sudo ufw default allow outgoing
Remember, whenever you turn on UFW, the default traffic rules are good enough for home usage. So, in normal cases, an average home user may never need to change these default settings.
In the end, one must understand that customizing firewall filtering rules is a serious exercise. Unless you’re clear about what you’re doing, do not create such custom rules.