How do you keep your system safe from attacks? To keep your network and your computer from being accessed by unauthorized users, it is advisable to have a firewall in place. In this article, we will discuss how to set up a firewall on Linux and add rules to allow access for your other devices.
Firewall on Linux: Basics
A firewall on Linux is a network security program that monitors outgoing and incoming network traffic and makes decisions to block or allow specific traffic based on defined security rules.
Firewalls are the first line of defense in networks and operating systems. They form a barrier between controlled, secured internal networks and unsecured external networks, such as the Internet.
A firewall can be software, hardware, or a combination of both.
What’s the point in configuring a firewall on a Linux Machine?
Linux is known to be a very safe OS compared to other server operating systems. Running Linux gives you a certain level of security, and Linux systems are generally immune to most viruses and other threats that other systems fall victim to. But with the heightened volume, diversity, and magnitude of cyber threats these days, setting up a Linux firewall is essential.
Setting Up a Firewall on Linux
For our example, we’ll be using UFW to manage our Linux firewall. We chose UFW for its simplicity and its availability, since it comes pre-installed on most Linux distributions. In case you are curious, UFW stands for Uncomplicated Firewall.
UFW is usually disabled by default. Use the command below to check its status.
$ sudo ufw status
As you can see in the screenshot above, you will need root or sudo privileges to access Linux’s firewall.
Use the command below to enable UFW.
$ sudo ufw enable
Using the command “sudo ufw status”, you can verify that your firewall has indeed been enabled.
If, for some reason, you need to disable your firewall, you can use the command below to do it.
$ sudo ufw disable
Checking App Rules
To list the applications with firewall rules, you can use the command below.
$ sudo ufw app list
Here you can see that we currently have only one application, which is CUPS.
To see more information, like which ports are open for the applications in your list, use the command below. Remember to type in the app name exactly as it shows in the list as it is case-sensitive.
$ sudo ufw app info <App Name>
$ sudo ufw app info CUPS
You can see here that CUPS uses the port number 631, and it also shows information like the title and the application description.
Creating Firewall Rules
To have an effective firewall setup, you will need to create rules that allow the traffic you need and block everything else. Rules are crucial for a firewall setup on Linux.
Allow Traffic from Local Network
Use the command below to enter a new rule to allow traffic from a specific range of IP addresses. For our example, we will allow the IP range for our local network. With that, let’s first check what our local IP address range is by using the command below.
In this screenshot, what we are looking for is the “inet addr:” or the “Bcast:” under eth0. We can see here that our IP address range is 192.168.254.0/24.
To allow traffic from our local network or from a certain IP address range, you may use the command below.
$ sudo ufw allow from <IP Address Range>
$ sudo ufw allow from 192.168.254.0/24
After entering the command, you can see that the rule gets added immediately.
Grant Traffic Through a Specific Port from a Specific IP Address/Range
The command below is what we will use to allow access through a specific port from our local network. If, for example, you are running a local web server, then you will need to allow traffic through port 80.
$ sudo ufw allow from <IP Address/Range> to any port <Port Number>
$ sudo ufw allow from 192.168.254.0/24 to any port 80
Grant Traffic Through a Specific Range of Ports
To open a specific range of ports, you may use the command below. For our example, we’ll be opening ports from 50000 to 52000 for UDP and TCP, which are used for torrent clients.
$ sudo ufw allow <Start of Port Range>:<End of Port Range>/<Protocol>
$ sudo ufw allow 50000:52000/udp
$ sudo ufw allow 50000:52000/tcp
You can see in the screenshot above that the rules have been added to IPv4 and to IPv6 as well.
Deny Traffic Through a Specific Range of Ports
Use the command below to close a certain range of ports on your Linux firewall. For this example, we will be closing the port range 51413 to 51500.
$ sudo ufw deny <Start of Port Range>:<End of Port Range>/<Protocol>
$ sudo ufw deny 51413:51500/tcp
$ sudo ufw deny 51413:51500/udp
Here you can see that the command for denying port ranges is very much the same as allowing.
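ufw checks rules in the order they are listed and the first match wins, so a deny added after an overlapping allow never takes effect. The script below is an added example, not part of the original article: it models that first-match evaluation for the port-range rules above (the verdict function and the two rule lists are constructed for illustration).

```shell
#!/bin/sh
# Added example: models ufw's first-match evaluation for port-range rules.
# Each rule is "action start:end/proto", one per line, in listing order.

# The rules in the order the article adds them (broad allow first).
RULES_AS_ADDED='allow 50000:52000/udp
allow 50000:52000/tcp
deny 51413:51500/tcp
deny 51413:51500/udp'

# The same rules with the narrower deny placed ahead of the broad allow.
RULES_DENY_FIRST='deny 51413:51500/tcp
deny 51413:51500/udp
allow 50000:52000/udp
allow 50000:52000/tcp'

# verdict RULES PORT PROTO
# Prints the action of the first rule matching PORT/PROTO, or "default"
# when no rule matches (ufw then falls back to its default policy).
verdict() {
    rules=$1; port=$2; proto=$3
    while read -r action spec; do
        range=${spec%/*}; rproto=${spec#*/}   # "50000:52000" and "udp"
        lo=${range%:*};   hi=${range#*:}      # range bounds
        if [ "$rproto" = "$proto" ] && [ "$port" -ge "$lo" ] && [ "$port" -le "$hi" ]; then
            echo "$action"
            return 0
        fi
    done <<EOF
$rules
EOF
    echo default
}

# Compare both orderings for a port inside and just outside the deny range.
for port in 51413 51501; do
    echo "$port/tcp as added:   $(verdict "$RULES_AS_ADDED" "$port" tcp)"
    echo "$port/tcp deny first: $(verdict "$RULES_DENY_FIRST" "$port" tcp)"
done
```

On a live system, "sudo ufw status numbered" shows the order being evaluated, and "sudo ufw insert <Rule Number> ..." places a new rule at a chosen position instead of at the end of the list.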
Disabling Firewall Rules or Resetting Firewall on Linux
Before we start disabling rules or resetting the firewall, let’s first check for the current status of our firewall. Let’s see how many rules we already have in place. Use the command below to get the information we need.
$ sudo ufw status
You can see here in this screenshot that all the rules we have added are currently active.
To delete any rule from the above list, we first need to run the command below, which assigns a number to each rule.
$ sudo ufw status numbered
As you can see here, we now have a number for each rule. We’ll be using these numbers to identify which rule to disable. Use the command below to delete a certain rule from the list.
$ sudo ufw delete <Rule Number>
$ sudo ufw delete 10
This is what you will get upon running the above command. Type in “y” to proceed with deleting the rule or type in “n” to cancel.
Suppose you need to delete all the rules that currently exist in your firewall or revert back to the original configuration. In that case, you will first need to disable the firewall and then run the reset command. The commands below are what you will need to run for resetting your firewall on Linux to its default configuration. However, we are not really done yet, so let’s not reset the firewall just yet.
$ sudo ufw disable
$ sudo ufw reset
Managing Linux Firewall via a Graphical Interface
If you prefer to manage or set up your firewall on Linux via a graphical interface, you can use an application like GUFW. It is a simple but powerful tool for managing firewalls on Linux.
You can use the command below to install GUFW on your Linux system. You may want to have the universe repository enabled first before trying to install GUFW.
$ sudo apt-get install gufw
This is what you will see upon running the install command for gufw. Also, it will ask you for confirmation if you would like to continue with the installation. You will then need to type in “y” to continue or “n” to abort.
To launch GUFW, you can do it from the search bar in your application menu. Simply type in gufw, and the system should locate it for you instantly.
As you can see in this screenshot, we haven’t finished typing in gufw yet, and it has already come up. Now, click the shield icon to launch the firewall’s graphical interface.
This is the first thing you’ll see upon launching GUFW. We did mention earlier that you will need either root or sudo privileges to access the Linux firewall. Now, enter your password and click Authenticate.
This is the main screen or main page for GUFW, and as you can notice, the status is already On or enabled. That’s because we already set up our firewall earlier using the ufw command.
This is how it would have looked if we hadn’t configured anything yet.
To see the current rules that already exist in your firewall, you can click on the arrow button beside “Rules”.
Here you can see all the rules we added earlier using the ufw command. From here, you should be able to manage your firewall rules much more easily.
And that’s about it for this tutorial. We looked at how to set up a firewall on Linux, add rules, reset the firewall configuration to default and lastly, how to install and manage a Linux firewall from a graphical interface.