UFW: Uncomplicated Firewall
https://help.ubuntu.com/community/UFW
UFW
Some interesting links/reading
https://wiki.ubuntu.com/UncomplicatedFirewall
https://help.ubuntu.com/community/UFW
How to install UFW
The Uncomplicated Firewall (ufw; gufw is a graphical front end to the same tool) is a front end for iptables and is particularly well suited to host-based firewalls. ufw provides a framework for managing netfilter as well as a command-line interface for manipulating the firewall.
# apt-get install ufw
However, simply installing the package does not turn the firewall on, nor does it add any rules by default.
# ufw help
Usage: ufw COMMAND

Commands:
 enable                          enables the firewall
 disable                         disables the firewall
 default ARG                     set default policy
 logging LEVEL                   set logging to LEVEL
 allow ARGS                      add allow rule
 deny ARGS                       add deny rule
 reject ARGS                     add reject rule
 limit ARGS                      add limit rule
 delete RULE|NUM                 delete RULE
 insert NUM RULE                 insert RULE at NUM
 route RULE                      add route RULE
 route delete RULE|NUM           delete route RULE
 route insert NUM RULE           insert route RULE at NUM
 reload                          reload firewall
 reset                           reset firewall
 status                          show firewall status
 status numbered                 show firewall status as numbered list of RULES
 status verbose                  show verbose firewall status
 show ARG                        show firewall report
 version                         display version information

Application profile commands:
 app list                        list application profiles
 app info PROFILE                show information on PROFILE
 app update PROFILE              update PROFILE
 app default ARG                 set default application policy
Configuration
Enable the firewall
# ufw enable
Next, set the default policies. For most hosts the following defaults are a sensible start: deny all incoming traffic, allow all outgoing traffic.
# ufw default deny incoming
# ufw default allow outgoing
Verify the firewall is enabled
$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To                         Action      From
--                         ------      ----
62522/tcp                  ALLOW IN    Anywhere
80/tcp                     ALLOW IN    Anywhere
443/tcp                    ALLOW IN    Anywhere
8443/tcp                   ALLOW IN    Anywhere
8080/tcp                   ALLOW IN    Anywhere
62522/tcp (v6)             ALLOW IN    Anywhere (v6)
80/tcp (v6)                ALLOW IN    Anywhere (v6)
443/tcp (v6)               ALLOW IN    Anywhere (v6)
8443/tcp (v6)              ALLOW IN    Anywhere (v6)
8080/tcp (v6)              ALLOW IN    Anywhere (v6)
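Checking the report by eye does not scale across many hosts. As an added example (not from the Ubuntu wiki), the POSIX shell function below audits `ufw status verbose` output against an expected list of open ports: it reports an inactive firewall, a default incoming policy other than deny, and any ALLOW IN rule not on the list (including "Anywhere" rules that open every port to a source address). The function name and the sample status text are my own; the sample is constructed to match the report shown above.

```shell
#!/bin/sh
# Constructed sample of `ufw status verbose` output (same shape as the report above).
# In real use pass the live report:  ufw_audit "$(sudo ufw status verbose)" "22/tcp 80/tcp 443/tcp"
SAMPLE_STATUS='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
62522/tcp                  ALLOW IN    Anywhere
80/tcp                     ALLOW IN    Anywhere
443/tcp                    ALLOW IN    Anywhere
8080/tcp                   ALLOW IN    Anywhere
62522/tcp (v6)             ALLOW IN    Anywhere (v6)
80/tcp (v6)                ALLOW IN    Anywhere (v6)'

# ufw_audit STATUS_TEXT ALLOWED_PORTS
# Returns 0 when the firewall is active, incoming traffic is denied by default and
# every ALLOW IN rule's "To" column is in ALLOWED_PORTS (space separated, e.g. "80/tcp 443/tcp").
# Otherwise prints one FINDING line per problem and returns 1.
ufw_audit() {
    status="$1"; allowed="$2"; rc=0
    printf '%s\n' "$status" | grep -q '^Status: active' \
        || { echo "FINDING: firewall is not active"; rc=1; }
    printf '%s\n' "$status" | grep -q '^Default: deny (incoming)' \
        || { echo "FINDING: default incoming policy is not deny"; rc=1; }
    # First column of each ALLOW IN line; the "(v6)" suffix is a separate field, so
    # the IPv4 and IPv6 copies of a rule collapse to one entry after sort -u.
    for rule in $(printf '%s\n' "$status" | awk '/ALLOW IN/ {print $1}' | sort -u); do
        case " $allowed " in
            *" $rule "*) ;;
            *) echo "FINDING: unexpected ALLOW IN rule for $rule"; rc=1 ;;
        esac
    done
    return $rc
}
```

With the sample above and an allow-list of "80/tcp 443/tcp", the function reports 62522/tcp and 8080/tcp as unexpected and returns 1.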
Firewall Rules
Allow
sudo ufw allow <port>/<optional: protocol>
example: To allow incoming tcp and udp packets on port 53
sudo ufw allow 53
example: To allow incoming tcp packets on port 53
sudo ufw allow 53/tcp
example: To allow incoming udp packets on port 53
sudo ufw allow 53/udp
Deny
sudo ufw deny <port>/<optional: protocol>
example: To deny incoming tcp and udp packets on port 53
sudo ufw deny 53
example: To deny incoming tcp packets on port 53
sudo ufw deny 53/tcp
example: To deny incoming udp packets on port 53
sudo ufw deny 53/udp
Port Ranges
Port ranges may also be specified. A range must always carry a protocol (ufw rejects a range without /tcp or /udp); a simple example for tcp:
# ufw allow 1000:2000/tcp
and for udp:
# ufw allow 1000:2000/udp
IP address
An IP address may also be used as the source. The address below is a placeholder from the documentation address range; substitute the real host (note that an address such as 111.222.333.444, with octets above 255, is not a valid IPv4 address and ufw will reject it):
# ufw allow from 203.0.113.4
Deleting Rules
Rules may be deleted by restating the rule after delete, for example:
# ufw delete allow ssh