Linux Security 101: UFW, the Uncomplicated Firewall



UFW, the Uncomplicated Firewall, is a front end built on top of iptables (the program used to write packet-filtering rules on Linux) that makes writing and changing firewall rules more straightforward.

We first look at which sockets are listening for incoming traffic on the system, using the command below:


We see that ports 22, 8080 and 2322 are open for incoming traffic.

The "netstat" command (part of the old net-tools package) is deprecated on some systems; we can use the "ss" command from iproute2 with the "-l" flag instead, which lists listening sockets, as shown below:


To check whether UFW is active on the system, we use the command below:


We set the default policy to allow outgoing connections:


We also set the default policy to reject incoming connections. UFW can either deny them (drop silently) or reject them (answer with an explicit refusal); either way, any incoming connection not matched by an "allow" rule is blocked:


Now we add an "allow" rule for SSH connections on port 22, restricted to the network 10.111.23.0/24, for example. Add this rule before enabling the firewall: with a default policy that blocks incoming traffic, enabling UFW over a remote SSH session without it will lock you out:


We also add an "allow" rule for HTTP connections on port 8080 from the same network, 10.111.23.0/24:


If we had not blocked all incoming connections by default, we would add an explicit rule to reject any connection to port 2322:


Now it is time to enable and start the firewall. UFW warns that enabling it may disrupt existing SSH connections, which is why the "allow" rule for port 22 was added first:


To confirm that UFW is now active and to see the rules it has loaded, we use the command below:


To remove a rule, for example the one for port 2322, we use the command below:
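The whole procedure above, from listing the listening ports to removing a rule, as one added example script. This is not code from the original post; it is a helper written here to show the steps in order. The network 10.111.23.0/24 and the ports 22, 8080 and 2322 are taken from the post; the variable names (MGMT_NET, ALLOW_PORTS, REJECT_PORTS, DEFAULT_IN, DRY_RUN), the function names and the dry-run convention are this example's own, and the ss/netstat output it parses is a constructed sample. It uses "default deny incoming", which drops silently; "default reject incoming", as described above, is the alternative.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): list the listening TCP ports
# from `ss -ltn` or `netstat -tln` output, then print or apply the UFW rule
# set described above. Variable and function names are this example's own.

MGMT_NET="${MGMT_NET:-10.111.23.0/24}"     # network allowed to reach SSH/HTTP
ALLOW_PORTS="${ALLOW_PORTS:-22 8080}"      # ports opened for MGMT_NET only
REJECT_PORTS="${REJECT_PORTS:-2322}"       # ports rejected explicitly
DEFAULT_IN="${DEFAULT_IN:-deny}"           # "deny" drops silently, "reject" answers with a refusal
DRY_RUN="${DRY_RUN:-1}"                    # 1 = only print the commands, 0 = run them (as root)

# Read `ss -ltn` (or `netstat -tln`) output on stdin and print the unique
# listening ports, sorted numerically, on one line. Both tools put the local
# address:port in the 4th column of LISTEN lines; the port is the text after
# the last ':', so IPv6 forms like [::]:22 or :::22 and wildcards like *:22
# are handled the same way.
listening_ports() {
    awk '/LISTEN/ { n = split($4, a, ":"); print a[n] }' |
        sort -nu | tr '\n' ' ' | sed 's/ $//'
}

# Print the UFW commands, one per line, in the order they must be applied:
# default policies first, then the allow rules, and only then enable, so that
# enabling never cuts off the SSH session the rules are typed into.
ufw_plan() {
    echo "ufw default allow outgoing"
    echo "ufw default $DEFAULT_IN incoming"
    for p in $ALLOW_PORTS; do
        echo "ufw allow from $MGMT_NET to any port $p proto tcp"
    done
    for p in $REJECT_PORTS; do
        echo "ufw reject $p/tcp"
    done
    echo "ufw --force enable"      # --force skips the interactive confirmation prompt
    echo "ufw status verbose"      # confirm it is active and show the loaded rules
}

# Run the plan. With DRY_RUN=1 (the default) each command is only printed.
ufw_apply() {
    ufw_plan | while IFS= read -r cmd; do
        if [ "$DRY_RUN" = "1" ]; then
            echo "[dry-run] $cmd"
        else
            $cmd || return 1
        fi
    done
}

# UFW removes a rule by repeating it after "delete"; this builds the command
# for one of the reject rules, e.g. ufw_delete_cmd 2322.
ufw_delete_cmd() {
    echo "ufw delete reject $1/tcp"
}

# Constructed sample of `ss -ltn -H` output matching the ports seen in the post.
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 4096 0.0.0.0:8080 0.0.0.0:*
LISTEN 0 128 0.0.0.0:2322 0.0.0.0:*'

# Constructed sample of `netstat -tln` output for the same sockets.
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN
tcp6 0 0 :::2322 :::* LISTEN'

# Stand-alone demo: show what is listening, then the (dry-run) rule set.
echo "Listening ports (ss sample):      $(printf '%s\n' "$SAMPLE_SS" | listening_ports)"
echo "Listening ports (netstat sample): $(printf '%s\n' "$SAMPLE_NETSTAT" | listening_ports)"
ufw_apply
echo "To remove the port 2322 rule later: $(ufw_delete_cmd 2322)"
```

On a real host, pipe the live output in with `ss -ltn | listening_ports` (or `netstat -tln | listening_ports`) and compare it with the ports the plan allows; anything listening that is not covered by an allow rule is blocked by the default policy once UFW is enabled. Run `DRY_RUN=0 ufw_apply` as root only after checking the printed plan, since the allow rule for port 22 is what keeps a remote session alive through `ufw --force enable`.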
