Thursday, February 3, 2022

How to Set Up a Firewall with UFW on Ubuntu 20.04

 in This Tutorial you will learn "How To Set Up a Firewall with UFW on Ubuntu 20.04"

A firewall is a tool for monitoring and filtering incoming and outgoing network traffic. It works by defining a set of security rules that determine whether to allow or block specific traffic.
_________________________________________________________________________________________
Server - Os:  Ubuntu 20.04.3 LTS 64Bit        | IP -192.168.1.80            |Hostname -  ubuntu.example.com
_________________________________________________________________________________________
lsb_release -d ; apt update ; apt install ufw -y

sudo ufw enable ; sudo systemctl status ufw

Check UFW Status- ufw status verbose
To deny all incoming connections:- sudo ufw default deny incoming
To allow all outgoing connections:- sudo ufw default allow outgoing
To block all outgoing connections:- sudo ufw default deny outgoing
How to view UFW Application Profiles- sudo ufw app list

How to Allow UFW SSH Connections:- sudo ufw allow ssh   
Custom listening port - sudo ufw allow 3541/tcp

Enable UFW Ports -
Allow by application profile:- sudo ufw allow 'Nginx HTTP'
Allow by service name:- sudo ufw allow http
Allow by port number:-sudo ufw allow 80/tcp

Allow HTTPS Port 443 -
Allow by application profile:- ufw allow 'Nginx HTTPS'
Allow by service name:-ufw allow https
Allow by port number:- ufw allow 443/tcp

UFW Allow Port Ranges -
sudo ufw allow 6500:6800/tcp
sudo ufw allow 6500:6800/udp
Multiple ports-
ufw allow 6500, 6501, 6505, 6509/tcp
ufw allow 6500, 6501, 6505, 6509/udp

UFW Allow Specific IP Address- sudo ufw allow from 192.168.1.60
UFW Allow Specific IP Address on Specific Port- sudo ufw allow from 192.168.1.60 to any port 3900
Allow Subnet Connections to a Specified Port- sudo ufw allow from 192.168.1.0/24 to any port 3900
Allow Specific Network Interface- sudo ufw allow in on eth2 to any port 3900


How to Deny Remote Connections on UFW-sudo ufw deny from 192.168.1.60
How to Delete UFW Rules- sudo ufw status numbered
_________________________________________________________________________________________
Enable IPv6 on UFW -
nano /etc/default/ufw
IPV6=yes
systemctl restart ufw
_________________________________________________________________________________________


No comments:

Post a Comment