How to make advanced Configuration in the UFW firewall?

  • Post last modified:April 27, 2021
  • Reading time:5 mins read

In the last article, we have guided you to the installation of, basic ufw guide as I promise you I will provide the advance options too.

if you want to know the basis of ufw configuration

Read this: How to enable and disable firewall in Ubuntu?

Step by I’ll guide you how you can do this too in your system

Before proceeding first we will check the status of UFW

Step 1. Check status

$ sudo ufw status
check ufw status
check ufw status

If a ufw firewall is disable then enable it.

Step 2. Enable UFW

$ sudo ufw enable
To enable ufw
To enable ufw

We have enabled our firewall system,Let’s move more advance configuration.

Step 3. Block all incoming data traffic

If you want to block incoming traffic then ufw as a default which you need to call

$ sudo ufw default deny incoming
Deny all the incoming traffic
Deny all the incoming traffic

Check the status after deny

status check after deny incoming traffic
Status check after deny incoming traffic

Step 4. Allow incoming data traffic

If you want to allow incoming traffic then ufw as a default which you need to call

$ sudo ufw default allow incoming
Allow incoming traffic
Allow incoming traffic

To verify the status

Check the status
Check the status

There is a default policy allow and deny. If you want to block outgoing data traffic the same you have to follow the rule.

Step 5. Add Specific Rules

1.Allow

If you want to apply custom rules that also you can apply by using the service name or else by specifying the port number.

We will see some examples through you will get better idea

If you want to enable or allow both incoming and outgoing traffic for ssh then you can allow this way by default ssh port is 22.

If you don’t know the port number and service name then you can see all ports and their service names in the file “/etc/services”.

$ cat /etc/services

It will list down all the services and port number.

$ sudo ufw allow ssh

or

$ sudo ufw allow 22
Allow ufw using service name
Allow ufw using service name

If your ssh is not working then you can try this method to check whether the firewall is blocking request.

Verfiy after allow
Verfiy after allow

2.Deny

Above we have check how to allow specific port or service to request connection.

We see how we can deny specific port or service to request connection.

If you want to deny or disable both incoming and outgoing traffic for ssh then you can deny this way by default ssh port is 22.

$ sudo ufw deny ssh

or

$ sudo ufw deny 22
Deny ufw using service name
Deny ufw using service name

You can validate the changes

Verify the status
Verify the status

You can leverage “ufw” to allow packet based on TCP or UDP. To apply changes follow this way

We will block the https request 443/ tcp

$ sudo ufw deny 443/tcp

Verify the changes in ufw

Verify changes after tcp
Verify changes after tcp

Similarly, you can to for udp allow and deny.

Step 6. Advance ufw command

There is advance ufw option there you can allow a specific service to specific ip address .

1. Allow or Deny a specific IP address

Allow

This will allow ufw specific ip address to have allow access to all services from the remote server.

$sudo ufw allow from 10.20.60.30
Allow to specific IP
Allow to specific IP

#Deny

This will deny ufw specific IP address to have deny access to all services from the remote server.

$sudo ufw deny from 10.20.60.30
Deny to specific IP
Deny to specific IP

2. Allow or Deny a specific Port Range

#Allow Port Range

We will see now how we can allow specific port range to establish connection.

$ sudo ufw allow 4001:4050/tcp
Allow to specific Port range
Allow to specific Port range

#Deny Port Range

Now we will disable the port range with udp

$ sudo ufw deny 4001:4050/udp
Deny to specific Port range
Deny to specific Port range

#To allow specific ip address and port combination

$ sudo ufw allow from 10.20.40.30 to any port 80 proto tcp
Allow to specific ip and port combination
Allow to specific ip and port combination

If you’re requirement id for udp then remove tcp and add udp

$ sudo ufw allow from 10.20.40.30 to any port 80 proto udp

You can do same for deny to ip with the specific port.

#Interface specify

You can even set rule even to Hardware Network interface

$ sudo ufw allow in on wlo1 to any port 80
Allow to specific port
Allow to specific port

In my case, the wireless interface name is “wlo1” you can change as per your device interface name.

Step 7. Delete Rule

We have seen how to set different kinds of rules in firewall and some rules need to remove after sometime,or else you made typing error you need to remove that.

1.Using Service Name

Before removing
Before removing
$ sudo ufw delete deny https
After removing
After removing

2.Using Numbered

You can even remove the rule by using numbered to check rules number you need to type

$ sudo ufw status numbered 

It will list down the firewall rules with the numbered, you just need to mention the firewall number

$ sudo ufw delete 1
Delete ufw rule using numbered
Delete ufw rule using numbered

Then type the y on screen and firewall rule will be deleted.

Step 7. Disable Reset UFW Rule

After all this if you want to disable ufw even your rules will not get removed you can do that in a simple way

$ ufw disable
ufw disable
ufw disable

If you want to again enable the rules

$ ufw enable
ufw enable after disable
ufw enable after disable

This will enable the rule with the last rule.

Step 8. Reset UFW Rule

If you want to clean or reset all the UFW rules

$ ufw reset
reset ufw rules

Now ufw is reset sucessfully.

Conclusion

All these pretty simple steps are required to use ufw,It requires sudo permission to make changes.

Please let us know which the next topic you want know more about.

Like what you read? Please share it with others.
guest
0 Comments
Inline Feedbacks
View all comments