This guide shows how to install and set up UncomplicatedFirewall (ufw) on Ubuntu Linux 10.04 and 11.04 and other Debian distributions. Ufw, as the name says, is quite uncomplicated and is recommended for a simple firewall setup.
UncomplicatedFirewall ufw provides both a command line interface and a framework for managing a netfilter firewall. While the ufw command provides an easy to use interface for managing a firewall, the ufw framework provides the administrator methods to customize default behavior and add rules not supported by the command line tool. In this way, ufw can take full advantage of Linux netfilter’s power and flexibility.
Setup & installation
This guide installs ufw and shows how to configure it for SSH and HTTP traffic. Adding more protocols from there is easy.
On Ubuntu Linux 11.04, ufw is installed by default and there is no need to enable it.
Otherwise to install:
First allow SSH traffic so you avoid being locked out, and then enable the firewall:
sudo ufw enable
You can see the status of the firewall by running:
And to allow Apache traffic (HTTP):
I would also highly recommend enabling logging in case you encounter any attacks:
Outgoing traffic is allowed by default. Everything else is blocked. If you need to disable ufw just run:
Here are some common commands:
Blocking a port
Blocking an IP address
Blocking a specific IP address and port
Allow an IP address
Current status of your UFW rules
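The setup order and the common commands above, gathered into one script as an added example (not part of the original guide). The function names and the 203.0.113.x addresses are constructed for illustration, and the script goes one step beyond the guide by inserting the deny rule at position 1, since ufw applies the first rule that matches. By default it only prints the commands; set DRY_RUN=0 to run them.

```shell
#!/bin/sh
# Added example, not from the original guide. Function names are hypothetical.
# If ufw is missing, install it first: sudo apt-get install ufw
DRY_RUN="${DRY_RUN:-1}"                   # 1 = print commands, 0 = run them
BLOCKED_IP="${BLOCKED_IP:-203.0.113.50}"  # constructed documentation address
TRUSTED_IP="${TRUSTED_IP:-203.0.113.10}"  # constructed documentation address

# One ufw command per line, in the order it is applied.
# The deny is inserted at position 1 because ufw stops at the first matching
# rule; appended after "allow ssh" it would not keep that address off SSH.
ufw_plan() {
    cat <<EOF
ufw allow ssh
ufw allow http
ufw insert 1 deny from $BLOCKED_IP
ufw allow from $TRUSTED_IP
ufw logging on
ufw enable
ufw status verbose
EOF
}

# Reads a plan on stdin; fails if "ufw enable" comes before an SSH allow rule.
plan_is_lockout_safe() {
    awk '/^ufw allow (ssh|22\/tcp)$/ { ssh = 1 }
         /^ufw enable$/ && !ssh      { bad = 1 }
         END                         { exit (bad ? 1 : 0) }'
}

apply_plan() {
    plan=$(ufw_plan)
    if ! printf '%s\n' "$plan" | plan_is_lockout_safe; then
        echo "refusing: firewall would be enabled before SSH is allowed" >&2
        return 1
    fi
    # The plan is read on fd 3 so stdin stays free for ufw's enable prompt.
    while IFS= read -r cmd <&3; do
        if [ "$DRY_RUN" = 1 ]; then
            echo "sudo $cmd"
        else
            sudo $cmd   # unquoted on purpose: split into command and arguments
        fi
    done 3<<EOF
$plan
EOF
}

apply_plan
```

To turn the firewall off again, the matching command is `sudo ufw disable`.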