Firewall configuration is central to protecting every critical service on a host. There are many mature and capable security tools, but there is always room to simplify firewall management on Linux. The classic, well-known example is iptables. iptables takes a lot of experience to get right. Essentially, the Linux kernel that Ubuntu ships provides Netfilter as its packet-filtering framework, and iptables is the traditional command-line interface for manipulating Netfilter. UFW (Uncomplicated Firewall) acts as a frontend for iptables, so users who struggle with iptables syntax can still manage their host firewall easily.
Prerequisites and installation.
I will be using Ubuntu as the demo OS here. Ubuntu ships UFW by default; most other Linux distributions provide it as a package.
Check status of firewall.
$ sudo ufw status
Enable firewall.
$ sudo ufw enable
Enabling the firewall may cut off an existing SSH session, because UFW's default incoming policy is deny. If you are working in a virtual environment or over a remote connection, the connection may be lost, so allow SSH (next section) before you enable the firewall on a remote host.
Allow and deny rules.
Allow ssh port
$ sudo ufw allow 22
Rule applied, check status.
Besides a single port number, we can also allow all traffic from a particular IP address.
$ sudo ufw allow from 192.168.42.142 && sudo ufw status
What if you want to allow a particular port only for a specific IP address?
$ sudo ufw allow from 192.168.100.100 to any port 22
Status check.
Deny a particular port for a specific IP address.
$ sudo ufw deny from 192.168.100.100 to any port 80
Now, delete a rule you created. There are two methods; the first uses the rule number.
$ sudo ufw status numbered
Here, I want to delete rule number 5.
$ sudo ufw delete 5
The second method is to restate the rule exactly as it was added, here the deny rule created above:
$ sudo ufw delete deny from 192.168.100.100 to any port 80
Let's reset all firewall rules to the defaults. Note that reset also disables the firewall, so enable it again afterwards.
$ sudo ufw reset
Default policies for incoming and outgoing traffic can be managed as well; have a look at the status output after changing them.
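The commands above are typed one at a time. The script below is an added example, not code from the original post: it collects a baseline policy (deny incoming by default, allow outgoing, allow SSH only from a management subnet with rate limiting, open web ports) into one function, prints it as a dry run, and applies it only when APPLY=1 is set. The management subnet 192.168.100.0/24 and the port numbers are constructed sample values; adjust them for your network.

```shell
#!/bin/sh
# Added example: print, and optionally apply, a baseline UFW policy.
# MGMT_NET is a constructed sample subnet, not a value from the original post.
MGMT_NET="${MGMT_NET:-192.168.100.0/24}"
SSH_PORT="${SSH_PORT:-22}"

# Emit the rule set, one ufw command per line. Order matters: the SSH allow
# for the management subnet must be in place before the firewall is enabled,
# otherwise a remote session is dropped by the default deny-incoming policy.
baseline_rules() {
  cat <<EOF
ufw default deny incoming
ufw default allow outgoing
ufw allow from $MGMT_NET to any port $SSH_PORT proto tcp
ufw limit $SSH_PORT/tcp
ufw allow 80/tcp
ufw allow 443/tcp
EOF
}

# Count of rules in the baseline (useful as a sanity check before applying).
rule_count() {
  baseline_rules | wc -l | tr -d ' '
}

# Run each rule through a command prefix, e.g. "each_rule echo" for a dry run
# or "each_rule sudo" to apply. Any failing rule aborts the loop with status 1.
each_rule() {
  baseline_rules | while IFS= read -r rule; do
    # shellcheck disable=SC2086  # splitting the rule into words is intended
    "$@" $rule || exit 1
  done
}

apply_baseline() {
  if [ "${APPLY:-0}" != "1" ]; then
    echo "dry run: set APPLY=1 to apply these $(rule_count) rules"
    each_rule echo
    return 0
  fi
  command -v ufw >/dev/null 2>&1 || { echo "ufw is not installed" >&2; return 1; }
  each_rule sudo || return 1
  # --force skips the interactive prompt about disrupting SSH connections;
  # safe here because the SSH allow rule was added first.
  sudo ufw --force enable
  sudo ufw status numbered
}

apply_baseline
```

Run it once without APPLY to review the generated rules, then with APPLY=1 from a console or a session that is already covered by the management-subnet rule.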
GUI Tool for UFW
Install GUI application for the firewall.
$ sudo apt-get install gufw
With a basic understanding of security, even a moderately experienced user can manage the rules from the GUI.
Conclusion
UFW suits users who do not have deep knowledge of iptables but still want to secure their servers and services. Port- and IP-address-level restrictions can be deployed very quickly, with the same effect as the equivalent iptables rules.