Managing network security on various endpoints can be a challenging task. Adorned by its name, Uncomplicated Firewall, also known as UFW, provides an easy command line interface to manage network security for endpoints.
UFW provides a user-friendly framework for managing netfilter and a command-line interface for working with the firewall. On top of that, if you’d rather not deal with the command line, UFW has a few GUI tools, such as Gufw, that make working with the system incredibly simple.
To start off, you have to install the UFW package to your operating system using the following command.
apt update -y && apt install ufw
After UFW is installed, you want to make sure to either enable or disable IPV6 support in the configuration file by setting
IPV6=no depending on your system's configuration.
Following up, set up the default policies for your device. In this example, we are blocking any incoming connections but allowing any outgoing connections by default.
sudo ufw default deny incoming sudo ufw default allow outgoing
To allow incoming connections from SSH, you need to run the following command. If you are running SSH on a different port, make sure to change that to whatever suits your needs.
ufw allow 22
You can also check out the list of applications and their information registered in UFW using the following commands.
ufw app list ufw app info "Nginx Full"
Allowing both HTTP and HTTPS traffic using Nginx has never been easier than running the following command
ufw allow "Nginx Full"
Finally, you can enable UFW by entering the following command.
You are now running a machine with a rather uncomplicated firewall configured. You can check UFW's status at any time using
ufw status. Also, make sure to check out any additional command you need using
ufw help! 🔥
Post image by MasterTux