Ufw, Gufw uncomplicated firewall, is actually two separate applications, but so easy to use. The first is CLI-based and the second is a GUI - graphical user interface.
Uncomplicated Firewall is a program for managing a netfilter firewall designed to be easy to use.
It uses a command-line interface consisting of a small number of simple commands, and uses iptables for configuration.
UFW is available in all Debian/LMDE repositories.
Gufw is intended to be an easy to use, with an intuitive graphical user interface for managing Uncomplicated Firewall.
Basically it works with all *Debian derivatives ( children ).
It supports common tasks such as allowing or blocking pre-configured, common P2P, or individual ports.
Gufw has been designed for Ubuntu, but is also available in Debian-based distributions and in Arch Linux, basically anywhere Python, GTK+ and UFW are available.
How to install them both.
License: GNU/GPL = Free.
Type the following command:
sudo apt-get install ufw && sudo apt-get install gufw
Press Enter, done.
Now to enable the firewall type:
sudo gufw
Press Enter, now look over your firewall settings.
"Click Status, to enable the firewall."
The main window will appear as shown above!
This is the easiest firewall for both beginners and professionals out there for Linux.
Now if you prefer using terminal commands, here are a few examples for the UFW firewall.
Check the status of the firewall.
Open a terminal window and type the following command:
sudo ufw status verbose
Press Enter and it will look like this.
By default, UFW blocks all of the incoming connections and allow all outbound connections.
EDIT DEFAULT POLICIES.
The default polices are defined in the file located at.
/etc/default/ufw
To edit the rules, type the following command:
sudo gedit /etc/default/ufw
Press Enter.
ACCEPT/DENY SSH CONNECTIONS:
First disable ufw !
sudo ufw disable
Press Enter.
To configure your UFW firewall to accept SSH connections, run the following command:
sudo ufw allow 22/tcp
Press Enter.
The SSH server is listening on the default port 22.
NOTE: You may want to use another port to minimize the attacks on your server.
Then enable ufw to update the settings:
sudo ufw enable
Press Enter.
To configure your UFW firewall to deny SSH connections, run the following command:
sudo ufw deny 22/tcp
Press Enter.
Restart ufw for the changes to take effect.
OPEN PORTS:
These examples shows the allow command and you just need to change port number and protocol.
Allow HTTP connections:
sudo ufw allow 80/tcp
Press Enter,
Allow HTTPS connections:
sudo ufw allow 443/tcp
Press Enter.
OPEN PORT RANGES:
sudo ufw allow 2200:2300/tcp && sudo ufw allow 2200:2300/udp
Press Enter.
Opening port range 2200 to 2300 for both tcp and udp protocol.
Allow a specific IP-address (change IP number):
sudo ufw allow from 192.168.0.1
Press Enter.
Allow a specific IP-address on a specific port (change IP and port number):
sudo ufw allow from 192.168.0.1 to any port 2222
Press Enter.
Deny a specific IP-address:
sudo ufw deny from 192.168.0.1
Press Enter.
RESET UFW:
If you arent't sure of what you are doing and want to reset the firewall rules.
Return to default settings.
Type the following command:
sudo ufw reset
Press Enter, done.
For more examples and documentation, visit the developers website.
