Ubuntu is a popular Linux distribution used in enterprise and personal IT environments. Security is an important part of today's IT. We can use firewall services like iptables to tighten the security of our Ubuntu system. In this tutorial we will look at how to install, remove, enable, disable, start and stop Ubuntu iptables. This tutorial can also be used for the Kali, Debian and Mint distributions.
Ufw or Ubuntu Firewall
Ubuntu provides ufw, or Ubuntu firewall, in its distribution. So in this tutorial we will use ufw for the different operations related to iptables.
We can install the ufw package for Ubuntu, Debian, Mint and Kali like below.
$ apt install ufw
The iptables package and related tools are installed by default on Ubuntu, Kali, Debian and Mint. But if they were removed accidentally or intentionally, we may need to install iptables with the following command. Most of the operations examined in this tutorial, like iptables installation, require root privileges.
$ apt install iptables
Remove, Uninstall Iptables
Or we may want to uninstall the iptables package and related tools. I generally uninstall iptables in my Kali systems because use cases do not require
$ apt remove iptables
We can get help about the ufw command with the -h option. This will list the most common commands provided by
$ ufw --help
As we can see, there are commands and their summary descriptions. There are also application profiles.
List Iptables/Ufw Service Status
Now, in order to manage iptables, we should list the status of the service. We will use the systemctl status command with ufw for Ubuntu and iptables for other distributions. By default, ufw is enabled in Ubuntu.
$ systemctl status ufw
$ systemctl status iptables
Start Iptables/Ufw Service
We can start the iptables service in Ubuntu and related distributions by using the systemctl start command like below.
$ systemctl start ufw
Or we can use the ufw command to start the related service like below.
$ ufw enable
$ systemctl start iptables
Stop Iptables/Ufw Service
We can stop the service with the same command.
$ systemctl stop ufw
Or we can use the ufw command to stop the related service like below.
$ ufw disable
$ systemctl stop iptables
Enable Iptables/Ufw Service
Services may be enabled in order to start after a reboot or fresh start. We can enable ufw with the following commands.
$ systemctl enable ufw
$ systemctl enable iptables
Disable Iptables/Ufw Service
If we do not want to remove ufw, but we also do not want the related services to start automatically at system start, we can disable them with the following command.
$ systemctl disable ufw
$ systemctl disable iptables
Allow Port Or Service with ufw
ufw provides a simple way to manage ports. We may need to allow some ports. We will use the allow option. In this example we will allow TCP port 22, which is the default SSH port. We need to provide tcp as the protocol too.
$ sudo ufw allow 22/tcp
We can also allow a port by providing just the service or protocol name. The following command will also allow the SSH port, like the command above.
$ sudo ufw allow ssh
Allow Port Range
In some cases, applications or services may use multiple ports in a range. We may need to allow a given port range. We can use : in order to specify the range. For example, 2000:3000 can be used to specify ports between 2000 and 3000. In this example we will allow ports between 2000 and 3000.
$ sudo ufw allow 2000:3000/tcp
The default policy or setup of ufw is denying all ports. This is a more secure way to set up and manage firewalls. During the management of the firewall we may enable some ports. After some time we may need to disable these enabled ports. We can use the deny option in order to prevent traffic for a given port. In this example we will deny TCP port 22.
$ sudo ufw deny 22/tcp
Over time some rules will be added to ufw. In order to check, remove or update these rules we need to list them. We can list existing firewall rules with the status verbose options. For this command to work, ufw should be enabled and running.
$ sudo ufw status verbose
As we can see, the rules we added previously are listed.
In order to remove previously defined rules we need to delete them. Like adding a new rule, we just need to change delete. In this example we will delete the TCP 22 or ssh rule. We should provide the deny of the rule.
$ sudo ufw delete deny 22/tcp
As we can see, the rule is deleted.
Check ufw Status
We can check the status of ufw with the status option. Even if the ufw service is running, ufw may be disabled.
$ sudo ufw status
As we can see, the line Status: active shows that ufw is actively working.
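Because a running service does not guarantee that ufw is enforcing rules, the status text itself is worth checking. The following script is an added example, not part of the original tutorial: it parses the output of ufw status verbose and reports whether ufw is active with a closed incoming default, and which ports are allowed from anywhere. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the text printed by `sudo ufw status verbose`.
# SAMPLE_STATUS is constructed sample output, not captured from a real host.
SAMPLE_STATUS='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
2000:3000/tcp              ALLOW IN    Anywhere
23/tcp                     DENY IN     Anywhere
22/tcp (v6)                ALLOW IN    Anywhere (v6)'

# Succeeds only if ufw reports itself active AND denies (or rejects)
# incoming traffic by default. A running systemd unit is not enough.
ufw_is_enforcing() {
    printf '%s\n' "$1" | awk '
        /^Status: active$/ { active = 1 }
        /^Default: (deny|reject) \(incoming\)/ { closed = 1 }
        END { exit !(active && closed) }'
}

# Prints every IPv4 rule that allows inbound traffic from any source,
# one "port/proto" per line: the exposure to review first.
# IPv6 rows carry an extra "(v6)" field and are skipped here.
ufw_world_open() {
    printf '%s\n' "$1" | awk '
        $2 == "ALLOW" && $3 == "IN" && $4 == "Anywhere" && NF == 4 { print $1 }'
}

# On a real host: report="$(sudo ufw status verbose)"
report="$SAMPLE_STATUS"
if ufw_is_enforcing "$report"; then
    echo "ufw is active with a closed default for incoming traffic"
else
    echo "WARNING: ufw is inactive or its incoming default is open"
fi
echo "Allowed from anywhere:"
ufw_world_open "$report"
```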
Reset All Rules In ufw
If we want to remove all rules, deleting them one by one is a very tedious task. We can remove all added rules with a single option named reset. Keep in mind that this will remove all rules and revert back to the default configuration.
$ sudo ufw reset
As we can see from the screenshot, it will ask us whether we are sure we want to remove them. Even though we remove the rules, they are saved automatically by ufw to the /etc/ufw/ directory, with the rules category and date.