On this page you will learn how to secure Ubuntu by setting up a powerful Firewall to protect your files from hackers and spammers.
Ubuntu is already a very safe operating system. It already includes its own firewall, known as ufw – short for “uncomplicated firewall.” Ufw is an easier-to-use frontend for the standard Linux iptables commands. You can even control ufw from a graphical interface.
Ubuntu’s firewall is designed as an easy way to perform basic firewall tasks without relying on iptables(my favorite). It doesn’t offer all the power of the standard iptables commands, but it is much easier to setup even for a complete beginner.
Table of Contents
Enable Ubuntu Firewall
As we noted above, the firewall is disabled by default. To enable the firewall Ubuntu 14.04, run the following command from a terminal:
sudo ufw enable
Configure Ubuntu Firewall Rules
Let’s say you want to allow SSH traffic on port 22. To do so, you can run one of several commands:
sudo ufw allow 22 (Allows both TCP and UDP traffic – not ideal if UDP isn’t necessary.)
sudo ufw allow 22/tcp (Allows only TCP traffic on this port.)
sudo ufw allow ssh (Checks the /etc/services file on your system for the port that SSH requires and allows it. Many common services are listed in this file.)
Ufw assumes you want to set the rule for incoming traffic, but you can also specify a direction. For example, to block outgoing SSH traffic, run the following command:
sudo ufw reject out ssh
You can view the rules you created with the following command:
sudo ufw status
To reset the firewall to its default state, run the following command:
sudo ufw reset
Enable Ubuntu Firewall Logs
Logging is also disabled by default, but you can also enable logging to print firewall messages to the system log:
sudo ufw logging on
Install GUFW Graphical Interface
GUFW is a graphical interface for ufw. Ubuntu doesn’t come with a graphical interface(I still don’t know why!), but gufw is included in Ubuntu’s software repositories. You can install it with the following command:
sudo apt-get install gufw
GUFW appears in the Dash as an application named Firewall Configuration. Like ufw itself, GUFW provides a simple, easy-to-use interface. You can easily enable or disable the firewall, control the default policy for inbound or outbound traffic, and add rules. I honestly can’t even bother with UFW if am not using a graphical interface, it simply speeds up the process, don’t you agree?