Embed Size (px)
Citation preview
How To Install and Configure Ubuntu Firewall
Contents
Overview ....................................................................................................................................................... 2
Applies To ...................................................................................................................................................... 2
Install ufw Package........................................................................................................................................ 2
Allow incoming SSH Connections.................................................................................................................. 3
Allow incoming TCP and UDP Connections ................................................................................................... 3
Allow incoming Connections by Port & Protocol type .................................................................................. 3
Allow incoming Connections by Service Name ............................................................................................. 3
Allow Incoming connection by Port Ranges & Protocol Type....................................................................... 3
tcp connections ..................................................................................................................................... 3
udp connections .................................................................................................................................... 3
Allow Incoming connection by IP Address .................................................................................................... 3
Deny incoming Connections ......................................................................................................................... 3
Validate Rule deletion ................................................................................................................................... 4
Deleting Firewall Rules .................................................................................................................................. 4
Enable or Disable Firewall Service – System Startup .................................................................................... 5
Enabling at OS Startup .............................................................................................................................. 5
Disabling at OS Startup ............................................................................................................................. 5
Reset to Default state ................................................................................................................................... 5
sudo ufw reset .............................................................................................................................................. 5
How To Install and Configure Ubuntu Firewall
Overview
Firewall plays an important role in providing security to the host, by blocking traffic from unwanted
sources.
Applies To
Ubuntu 12.04
Install ufw Package
sudo aptitude -y install ufw
or
sudo apt -y install ufw
Note: "-y" switch will not ask for confirmation before download and installation.
Check the Firewall Status
sudo ufw status
or
sudo ufw status verbose
Note: "verbose" will give verbose output
Output:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip
To Action From
-- ------ ----
22 ALLOW Anywhere
22 ALLOW Anywhere (v6)
How To Install and Configure Ubuntu Firewall
Allow incoming SSH Connections
In order to allow ssh connection on the host, open the port “22” alternatively you could open by specifying
the service name “ssh”
sudo ufw allow ssh
Output:
Rule added
Rule added (v6)
Allow incoming TCP and UDP Connections
Allowing ping requests, execute the command
sudo ufw allow 8/tcp
sudo ufw allow 8/udp
Allow incoming Connections by Port & Protocol type
sudo ufw allow 22/tcp
Allow incoming Connections by Service Name
sudo ufw allow www
Allow Incoming connection by Port Ranges & Protocol Type
For tcp connections
sudo ufw allow 3000:3500/tcp
For udp connections
sudo ufw allow 3000:3500/udp
Allow Incoming connection by IP Address
sudo ufw allow from 192.168.1.25
Deny incoming Connections by port & Protocol Type
sudo ufw deny 80/tcp
Output:
Rule added
Rule added (v6)
How To Install and Configure Ubuntu Firewall
Validate Rule deletion
sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip
To Action From
-- ------ ----
22 ALLOW IN Anywhere
Anywhere ALLOW IN 192.168.255.255
80/tcp DENY IN Anywhere
22 ALLOW IN Anywhere (v6)
80/tcp DENY IN Anywhere (v6)
Deleting Firewall Rules
sudo ufw delete allow from 192.168.255.255
Output:
Rule deleted
sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip
To Action From
-- ------ ----
22 ALLOW IN Anywhere
80/tcp DENY IN Anywhere
22 ALLOW IN Anywhere (v6)
80/tcp DENY IN Anywhere (v6)
How To Install and Configure Ubuntu Firewall
Enable or Disable Firewall Service – System Startup
Enabling at OS Startup
sudo ufw enable
Output:
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
Disabling at OS Startup
sudo ufw disable
Output:
Firewall stopped and disabled on system startup
Reset to Default state
sudo ufw reset
Output:
Resetting all rules to installed defaults. This may disrupt existing ssh
connections. Proceed with operation (y|n)? y
Backing up 'user.rules' to '/lib/ufw/user.rules.20140220_105532'
Backing up 'after6.rules' to '/etc/ufw/after6.rules.20140220_105532'
Backing up 'user6.rules' to '/lib/ufw/user6.rules.20140220_105532'
Backing up 'before6.rules' to '/etc/ufw/before6.rules.20140220_105532'
Backing up 'after.rules' to '/etc/ufw/after.rules.20140220_105532'
Backing up 'before.rules' to '/etc/ufw/before.rules.20140220_105532'
