Ubuntu is a popular Linux distribution used in enterprise and personal IT environments. Security is an important part of today's IT. We can use firewall services like iptables in order to tighten the security of our Ubuntu system. In this tutorial we will look at how to install, remove, enable, disable, start and stop Ubuntu iptables. This tutorial can be used for the Kali, Debian and Mint distributions too.
Ufw or Ubuntu Firewall
Ubuntu rebranded iptables as ufw, or Ubuntu firewall, in its distribution. So in this tutorial we will use ufw for the operations that correspond to iptables.
Install Ufw
We can install the ufw package for Ubuntu, Debian, Mint and Kali like below.
$ apt install ufw
Install Iptables
Actually, the iptables package and related tools are installed by default on Ubuntu, Kali, Debian and Mint. But if they have been removed accidentally or intentionally, we may need to install iptables with the following command. Most of the operations examined in this tutorial, like the iptables installation, require root privileges.
$ apt install iptables
Remove, Uninstall Iptables
Or we may want to uninstall the iptables package and related tools. I generally uninstall iptables on my Kali systems because the use cases do not require iptables.
$ apt remove iptables
ufw Help
We can get help about the ufw command with the -h option. This will list the most common commands provided by ufw.
$ ufw --help

As we can see, there are commands and their summary descriptions. There are also application profiles.
List Iptables/Ufw Service Status
Now, in order to manage iptables, we should list the status of the service. We will use the systemctl status command with ufw for Ubuntu and iptables for other distributions. ufw is enabled by default in Ubuntu.
$ systemctl status ufw

OR
$ systemctl status iptables
Start Iptables/Ufw Service
We can start the ufw or iptables service in Ubuntu and related distributions by using the systemctl start command like below.
$ systemctl start ufw
OR we can use the ufw command to start the related service like below.
$ ufw enable
OR
$ systemctl start iptables
Stop Iptables/Ufw Service
We can stop the service with the same systemctl command and the stop option.
$ systemctl stop ufw
OR we can use the ufw command to stop the related service like below.
$ ufw disable
OR
$ systemctl stop iptables
Enable Iptables/Ufw Service
Services may be enabled in order to start after a reboot or fresh start. We can enable iptables or ufw with the following commands.
$ systemctl enable ufw
OR
$ systemctl enable iptables
Disable Iptables/Ufw Service
If we do not want to remove iptables or ufw, but we also do not want the related services to start automatically at system start, we can disable the related services with the following commands.
$ systemctl disable ufw
OR
$ systemctl disable iptables
Allow Port Or Service with ufw
ufw provides a simple way to manage ports. We may need to allow some ports. We will use the allow option. In this example we will allow TCP port 22, which is the default SSH port.
We need to provide tcp as the protocol too.
$ sudo ufw allow 22/tcp

We can also allow a port by just providing the service or protocol name. The following command will also allow the SSH port, like the command above.
$ sudo ufw allow ssh
Allow Port Range
In some cases, applications or services may use multiple ports in a range. We may need to allow a given port range. We can use : in order to specify the range. For example, 2000:3000 can be used to specify the ports between 2000 and 3000.
In this example we will allow the ports between 2000 and 3000.
$ sudo ufw allow 2000:3000/tcp

Deny Port
The default policy or setup of ufw is to deny all ports. This is the more secure way to set up and manage firewalls. During the management of the firewall we may enable some ports. After some time we may need to disable these enabled ports. We can use the deny option in order to prevent traffic for a given port. In this example we will deny TCP port 22.
$ sudo ufw deny 22/tcp

List Rules
Over time some rules will be added to ufw. In order to check, remove or update these rules we need to list them. We can list the existing firewall rules with the status verbose options. For this command to work, ufw should be enabled and running.
$ sudo ufw status verbose

As we can see, there are the rules we added previously.
Delete Rules
In order to remove previously defined rules we need to delete them. As with adding a new rule, we use delete and then give the rule. In this example we will delete the TCP 22 or ssh rule. We should also provide the allow or deny of the rule.
$ sudo ufw delete deny 22/tcp

As we can see, we deleted the rule deny 22/tcp.
Check ufw Status
We can check the status of ufw with the status option. Even if the ufw service is running, ufw may be disabled.
$ sudo ufw status

As we can see, the line Status: active shows that ufw is actively working.
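Because a running ufw service does not by itself mean the firewall is active, the status text is worth checking in a script. The following is an added example, not part of the original tutorial: it audits the output of ufw status verbose for an inactive firewall, a non-deny default incoming policy, and port ranges allowed from any source. The function names audit_ufw and sample_report are made up for this example, and the sample report is constructed.

```shell
#!/bin/sh
# Added example, not part of the original tutorial.
# audit_ufw reads the text of `ufw status verbose` on stdin, prints one
# finding per line, and returns 0 if nothing was flagged, 1 otherwise.
audit_ufw() {
    awk '
        /^Status:/  { status = $2 }
        # "Default: deny (incoming), ..." -> field 2 is the incoming policy
        /^Default:/ { incoming = $2 }
        # Rule rows that admit inbound traffic from any source address
        / +ALLOW( IN)? +Anywhere/ {
            open++
            # Port ranges such as 2000:3000/tcp; report each once (IPv4 + v6 rows)
            if ($1 ~ /^[0-9]+:[0-9]+/ && !seen[$1]++) ranges = ranges " " $1
        }
        END {
            bad = 0
            if (status != "active") {
                print "FAIL firewall is " (status == "" ? "unknown" : status); bad = 1
            } else if (incoming != "deny" && incoming != "reject") {
                print "WARN default incoming policy is " incoming; bad = 1
            }
            if (ranges != "") { print "WARN port range open to any source:" ranges; bad = 1 }
            printf "INFO %d rule(s) allow traffic from Anywhere\n", open
            exit bad
        }'
}

# Constructed sample report in the layout printed by `ufw status verbose`.
sample_report() {
    cat <<'EOF'
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
2000:3000/tcp              ALLOW IN    Anywhere
22/tcp (v6)                ALLOW IN    Anywhere (v6)
2000:3000/tcp (v6)         ALLOW IN    Anywhere (v6)
EOF
}

# Demo on the sample; on a live host: sudo ufw status verbose | audit_ufw
sample_report | audit_ufw || true
```
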
Reset All Rules In ufw
If we want to remove all rules, deleting them one by one is a very tedious task. We can remove all added rules with a single option named reset. Keep in mind that this will remove all rules and revert back to the default configuration.
$ sudo ufw reset

As we can see from the screenshot, it will ask us whether we are sure we want to remove them. Even if we remove the rules, they are saved automatically by ufw to the /etc/ufw/ directory with the rules category and date.
FYI:
In the “Stop Iptables/Ufw Service” section, the code given is “systemctl start ufw” and “systemctl start iptables”, which obviously doesn’t stop the services.
Hi,
Thanks for your suggestion. I have corrected the commands.
Have a nice day
Thanks for the sentences “Ubuntu is popular Linux distribution used in different enterprise or personal IT environment. Security is important part of the today IT. ” Even though I googled Kali Firewall, I would have been completely lost had you not included those at the beginning.
ufw does not stand for “Ubuntu Firewall.” It stands for “Uncomplicated Firewall.”