Regarding firewall protection for your system, the default Ubuntu UFW program is a great option. For newer users of Ubuntu and Linux, UFW is short for “uncomplicated firewall.” UFW allows users with little knowledge of how Linux IPTABLES can secure their home network or server without the need to learn complicated long-tail commands that are more for the sysadmin side of things, where most users want to add and remove rules. The UFW program was designed with the home user in mind but can be used by any user for a home network or server and can be easily extended if more advanced features are needed.
The following tutorial will teach you how to check, enable and disable the UFW firewall and, for desktop users, install the firewall GUI to better control UFW for users that do not want to use the terminal in the future.
Table of Contents
Check UFW Firewall Status on Ubuntu Linux
For users new to Ubuntu, you can open the command terminal, which you can open following the top right-hand corner Activities > Show Applications > Terminal.
Next, find out the status of your UFW firewall using the command.
sudo ufw status
joshua@ubuntu-linux:~$ sudo ufw status Status: inactive joshua@ubuntu-linux:~$
The firewall is inactive, as Ubuntu does not enable this by default for new installations.
Enable UFW Firewall on Ubuntu Linux
The next step is to enable the firewall, which will block all incoming connections and allow all outgoing connections. This will immediately help secure your system.
You may lock yourself out for server users or any other user using an SSH remote connection session. You can add UFW rules while the service is inactive, allowing the SSH service.
sudo ufw allow ssh
Desktop users that do not use or know what SSH is, skip the command above.
joshua@ubuntu-linux:~$ sudo ufw allow ssh Rules updated Rules updated (v6)
Using the following command, enable the firewall.
sudo ufw enable
joshua@ubuntu-linux:~$ sudo ufw enable Firewall is active and enabled on system startup
Next, recheck your Ubuntu firewall by re-using the ufw status command.
sudo ufw status
joshua@ubuntu-linux:~$ sudo ufw status Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 22/tcp (v6) ALLOW Anywhere (v6)
As mentioned above, the firewall is enabled, and for users that had to allow SSH, you can see this is now in the allowed action.
Additionally, you can run the ufw status command with verbose attached for an even more detailed view.
sudo ufw status verbose
joshua@ubuntu-linux:~$ sudo ufw status verbose Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), disabled (routed) New profiles: skip To Action From -- ------ ---- 22/tcp ALLOW IN Anywhere 22/tcp (v6) ALLOW IN Anywhere (v6)
Besides the allow and deny actions (rules), you can see the default firewall settings to deny all incoming and allow all outgoing.
Disable UFW Firewall on Ubuntu Linux
Next, you can use the following command for users wishing to disable their firewall.
sudo ufw disable
joshua@ubuntu-linux:~$ sudo ufw disable Firewall stopped and disabled on system startup
Install UFW Firewall GUI
For users new to Linux, while in the terminal, you can install a software package that will control UFW with a graphical interface with the following command if you do not fancy using the terminal.
sudo apt install gufw -y
Next, go to the top left-hand corner and follow Activities > Show Applications > Firewall Configuration to bring up the GUI.
Next, you can enable or disable the UFW firewall and other more manageable settings.
As mentioned above, you can now adjust connections of default incoming and outgoing connections, check status, create rules, see logs and reports, and more, making using a firewall a much more enjoyable task for non-terminal users.