How to Install UFW on Ubuntu 24.04/22.04/20.04

Uncomplicated Firewall (UFW) is a streamlined solution for managing network traffic on Ubuntu systems. It’s designed for simplicity, making firewall configuration accessible even to those with minimal experience in network security. Whether you’re a developer, system administrator, or just a curious user, understanding how to manage UFW can significantly enhance the security of your Ubuntu server. Here are some key features of UFW that stand out:

  • User-Friendly Interface: UFW provides an easy-to-understand command-line interface, removing the complexity often associated with firewall configurations.
  • Flexibility in Rule Management: It allows for setting up simple and advanced rules, catering to various network control needs.
  • Integration with iptables: UFW works seamlessly with iptables, ensuring robust and reliable firewall management.
  • Logging and Monitoring Capabilities: Offers detailed logs and monitoring tools to track and analyze network traffic.

These features make UFW a go-to choice for managing network traffic on your Ubuntu server, providing both security and simplicity. The following sections will dive into the technical details of installing and using UFW, ensuring your server’s network security is robust and manageable.

Check if UFW is Installed

Before starting the installation and configuration process, checking if UFW has already been installed on your system is essential. You can do this by executing the following command:

ufw version

If you look at the version information, you will see that UFW has already been installed. If not, you’ll see an error message. In that case, follow the steps below to install UFW:

sudo apt update
sudo apt install ufw

After installation, you can verify that UFW is installed by running ufw version again.

Configure IPv6 with UFW (Optional)

UFW supports IPv6 by default. If you want to enable IPv6 support, open the UFW configuration file with your preferred text editor:

sudo nano /etc/default/ufw

Find the line that reads IPV6=no and change it to IPV6=yes.

Save the changes and exit the editor.

Set UFW Default Policies

Setting up default policies is essential to control incoming and outgoing traffic. The default policies will be applied to any traffic that doesn’t match any of the specific rules you create later. To set up default policies, use the following commands:

sudo ufw default deny incoming
sudo ufw default allow outgoing

These commands will deny all incoming connections and allow all outgoing connections by default.

Allow SSH Remote Connections (Situational)

To allow SSH connections, execute the following command:

sudo ufw allow ssh

This command will allow incoming SSH connections on the default port (22). If you’re using a custom port for SSH, you can specify it like this:

sudo ufw allow 2222/tcp

This will allow incoming connections on port 2222, assuming you have configured your SSH server to listen on this port.

Enable UFW on Ubuntu

Note: Remember, if you are using SSH to connect to a remote Ubuntu server, ensure you have completed the previous step to allow UFW before proceeding with this section.

After setting up the default policies and allowing SSH connections, you can enable the UFW firewall with the following command:

sudo ufw enable

You will be prompted to confirm your action, as enabling UFW may disrupt existing connections. Enter ‘y’ to proceed with the operation.

Allow Other Connections with UFW

To allow other connections, such as HTTP, HTTPS, or FTP, use the ufw allow command followed by the service name or port number.

For example:

sudo ufw allow http
sudo ufw allow https
sudo ufw allow 21/tcp

These commands allow incoming connections for HTTP (port 80), HTTPS (port 443), and FTP (port 21).

If you need to allow connections for a range of ports, you can specify the range like this:

sudo ufw allow 8000:9000/tcp

This command allows incoming connections on TCP ports 8000 through 9000.

Deny Connections with UFW

To deny specific connections, use the ufw deny command followed by the service name or port number. For example:

sudo ufw deny 25/tcp

This command will deny incoming connections on port 25 (SMTP).

Delete Rules with UFW

To delete a rule, use the ufw delete command followed by the rule’s parameters. For example:

sudo ufw delete allow 21/tcp

This command deletes the rule that allows incoming connections on port 21 (FTP).

Check UFW Status and Rules with UFW

To check the status of the UFW firewall and view the current rules, use the following command:

sudo ufw status verbose

This command will display the UFW status, default policies, and specific rules you’ve created.

UFW Logging with UFW

UFW provides logging functionality to track its actions and monitor potential issues. In this section, we’ll discuss how to configure and view logs.

Configure UFW Log Settings

To enable logging for UFW, use the ufw logging command followed by the desired log level (e.g., low, medium, high, or full). For example:

sudo ufw logging medium

This command sets the log level to “medium,” which logs blocked packets and new connections.

View UFW Logs

UFW logs are stored in the /var/log/ufw.log file by default. To view the log file, you can use a command like less, tail, or cat. For example:

sudo less /var/log/ufw.log

This command displays the log file using the less command, which allows you to scroll through the contents.

Application Profiles with UFW

UFW supports application profiles, which are predefined rules for popular applications. These profiles simplify the process of allowing or denying connections for specific applications. You can view available application profiles with the following command:

sudo ufw app list

To view the details of a specific profile, use the ufw app info command followed by the profile name:

sudo ufw app info 'Apache Full'

To allow or deny connections for an application profile, use the ufw allow or ufw deny command followed by the profile name:

sudo ufw allow 'Apache Full'

Test UFW Rules

Before applying new rules, you may want to test them to ensure they work as expected. To simulate a connection and test UFW rules, you can use the nc (netcat) tool.

First, you’ll need to install netcat if it’s not already installed:

sudo apt install netcat

Next, on the server-side, run the following command, replacing <port> with the port number you want to test:

nc -l <port>

On the client-side, connect to the server using the following command, replacing <server_ip> with the server’s IP address and <port> with the port number:

nc <server_ip> <port>

If the connection is successful, you can send messages between the server and the client by typing in the terminal. If the connection fails, the respective UFW rule might block the traffic. Make sure to adjust your UFW rules accordingly and test again.

Disable or Reset UFW

If you need to disable UFW temporarily, use the following command:

sudo ufw disable

To reset UFW to its default settings and remove all rules, use the ufw reset command:

sudo ufw reset

Please note that this action will erase all your custom rules, and you must reconfigure UFW from scratch.

Install GUFW

As mentioned earlier, GUFW is a graphical front-end for managing UFW rules. To install GUFW on Ubuntu, use the following commands:

sudo apt update
sudo apt install gufw

After installation, you can launch GUFW from your application menu. The graphical interface makes it easy to manage your firewall rules without using the command line.

Conclusion

That’s it! We’ve just walked through the steps to install and configure UFW on Ubuntu 24.04, 22.04, and 20.04. Remember, properly setting up your firewall is crucial for your system’s security. Regularly check and update your rules to ensure they align with your current needs. Don’t hesitate to experiment with different configurations to find what works best for you. And most importantly, keep exploring and learning about UFW to maintain a secure and robust Ubuntu system.

Leave a Comment