Run the following commands to set the UFW firewall to its standard settings. These are usually UFW's defaults, but we run them on the command line to reconfirm them.
sudo ufw default deny incoming
sudo ufw default allow outgoing
The first command denies all incoming traffic, so nothing outside the machine can reach its resources. In other words, anyone snooping or trying to break into your system will be denied access. The second command allows all traffic from our system to travel as normal anywhere on the LAN or Internet. These settings are ideal for a laptop: you can access resources on the internet, but no one from outside can access anything on your system.
Allow Specific Traffic In UFW
To make UFW accept traffic on certain ports, specify the port in the command as shown below.
sudo ufw allow 80
The above command will allow port 80 to be open for both incoming and outgoing connections. By default, port 80 is used by web servers like Apache. You can also specify services by name, like the following:
sudo ufw allow ftp
This will open up port 21 automatically. UFW uses the /etc/services file on your Linux machine to look up the ports of defined services. If the service exists in the file, UFW performs the necessary action. You can also specify port ranges. Say you have an application that uses ports 8020 – 8050; you can specify the range the following way:
sudo ufw allow 8020:8050/tcp
Managing UFW Services via IP Addresses
If you want to allow a certain IP address, the following will do:
sudo ufw allow from 10.25.23.1
If you prefer to allow only one service, say a MySQL database running on port 3306:
sudo ufw allow from 10.25.23.1 to any port 3306
How to Deny Connections
We may have a situation where we need to deny connections. Say all web traffic should be blocked:
sudo ufw deny http
We can also deny traffic from a specific IP address like the following:
sudo ufw deny from 10.25.23.1
How to delete UFW firewall rules
The easiest method is to use the numbered approach. Type the following command
sudo ufw status numbered
It will give you a numbered list of the rules that are in place. Select the rule you want to delete and type the following, replacing NUM with that rule's number:
sudo ufw delete NUM
You can also simply specify the known service or port and delete the rule. However, in such a case you will need to specify the exact rule, “allow http” or “deny http”, when deleting it.
sudo ufw delete allow http
sudo ufw delete allow 80
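When several rules are deleted by number, order matters: UFW renumbers the remaining rules after each delete, so the numbers from one status listing are only safe if the highest is deleted first. The script below is an added example, not part of the original tutorial; the function names and the sample listing are constructed for illustration, and it assumes rules without trailing comments.

```shell
#!/bin/sh
# Constructed sample of `ufw status numbered` output (not from a real host).
SAMPLE_STATUS='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 80                         ALLOW IN    Anywhere
[ 2] 21/tcp                     ALLOW IN    Anywhere
[ 3] 8020:8050/tcp              ALLOW IN    Anywhere
[ 4] 3306                       ALLOW IN    10.25.23.1
[ 5] Anywhere                   DENY IN     10.25.23.1
[ 6] 80 (v6)                    ALLOW IN    Anywhere (v6)'

# rules_from ADDR: read a numbered status listing on stdin and print the
# numbers of rules whose From column is exactly ADDR, highest number first.
rules_from() {
    awk -v src="$1" '
        /^\[ *[0-9]+\]/ {
            n = $0
            sub(/^\[ */, "", n)      # drop "[" and the padding spaces
            sub(/\].*/, "", n)       # drop "]" and the rest of the line
            # Force a string comparison so "80" never matches "80.0".
            if (($NF "") == (src "")) print n
        }' | sort -rn
}

# delete_plan ADDR: print the delete commands in a safe order.
# Deleting rule 4 first would turn rule 5 into rule 4, and a following
# "delete 5" would then remove what is rule 6 in the listing above.
delete_plan() {
    rules_from "$1" | while read -r n; do
        echo "sudo ufw delete $n"
    done
}

# Show the plan for the constructed sample; nothing is changed on the host.
printf '%s\n' "$SAMPLE_STATUS" | delete_plan 10.25.23.1
```

On a live system, feed it the real listing with sudo ufw status numbered | delete_plan 10.25.23.1 and review the printed commands before running them.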
To enable / disable UFW firewall
sudo ufw status verbose
This command shows the current status of your firewall, that is, whether it is enabled or disabled. You can also enable or disable it by using one of the following commands.
sudo ufw enable
sudo ufw disable
Disabling will simply close the firewall but will not remove your custom rules. However, if you want to reset the firewall and start from scratch again, then use the following command.
sudo ufw reset
This will delete all rules and policies and reset the firewall to default settings.
That’s it. Enjoy setting it up on your server, laptop or IT devices.