Ruby Sash Consulting

AppSec, NetSec, DevOps, Social Engineering, Cloud, Forensics, Programming, SysAdmin Notes

UFW 

UFW Tutorial for Ubuntu

Dave 0 Comments ,

UFW manages iptables in a little bit easier way than actually writing IPtables commands. This article will give a few examples of UFW usage.

Why Use a Firewall?

Every server listens on a port. Most clients know to go to that specific port to communicate and interact with the server. You may not want people interacting with all of the services on your server. The orange box of this netstat command shows all open ports.

Even though they are open and listening, we can use a firewall to let them speak to only certain computers, or no external computers.

Find Your IP, So You Can Allow Yourself

http://whatismyip.org is a good graphical tool, but you can also pull your ip information from the command line using ifconfig or curl.

Installing UFW on Ubuntu

First we install ufw packages

Default Deny Rule

Next, set the default policy to deny everything.

UFW Allow Services

We’ll need to add the services and ports we want. Here are a few examples that are specific

And here are some more wide open examples:

You can also specify named ports as found in the /etc/services:

Here is a sample of the list of named services:

Enabling Firewall Rules

Finally, enable logging and then enable the changes you made:

View UFW Status/Rules

You can review iptables directly:

or you can see ufw’s status like so:

Deleting Rules

First, find the rule numbers, then delete them (x = the rule number):

Script to Automate Dynamic Access

You may be interested in this related tutorial on updating UFW rules using cron/bash to allow dynamic remote access.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.