Felipe A. Moreno

Setting Up a Firewall using ufw on Linux.

1 minute read

Published:

Here you’ll learn to setup ufw in linux to forbid connections from different ports.

UFW

UFW, or Uncomplicated Firewall, is an interface to iptables that is geared towards simplifying the process of configuring a firewall.
If your distro don’t have ufw, install it:

sudo apt-get install ufw

Then, we have options like:

  • Enable/Disable firewall:

    sudo ufw enable
sudo ufw disable

  • Show status and detailed status:

    sudo ufw status
sudo ufw status verbose

  • Show rules list numbered:

    sudo ufw status numbered

  • Blocks/Allows all incoming LAN traffic from internet:

    sudo ufw default deny incoming
sudo ufw default allow incoming

  • Blocks/Allows all outgoing LAN traffic to internet:

    sudo ufw default deny outgoing
sudo ufw default allow outgoing

  • Blocks/Allows connections through the port 45 (like ssh):

    sudo ufw deny 45
sudo ufw allow 45

  • Blocks/Allows connections from a specific ip:

    sudo ufw deny from 52.35.156.45
sudo ufw allow from 52.35.156.45

  • Blocks/Allows connections from a specific ip through a specific port 45:

    sudo ufw deny from 52.35.156.45 to any port 45
sudo ufw allow from 52.35.156.45 to any port 45

  • Blocks/Allows connections from a specific subnet (any using a ip in range 192.35.156.1 - 192.35.156.254):

    sudo ufw deny from 192.35.156.0/24
sudo ufw allow from 192.35.156.0/24

  • Blocks/Allows connections through the port 45 from a specific subnet (any using a ip in range 192.35.156.1 - 192.35.156.254):

    sudo ufw deny from 192.35.156.0/24 to any port 45
sudo ufw allow from 192.35.156.0/24 to any port 45

  • Blocks/Allows connections through the port 53 on TCP/UDP:

    sudo ufw deny 53/udp
sudo ufw allow 53/udp
sudo ufw deny 53/tcp
sudo ufw allow 53/tcp

  • Blocks/Allow a port ranges on tcp/udp:

    sudo ufw allow 6000:6007/tcp
sudo ufw allow 6000:6007/udp

  • Blocks/Allows Connections to a Specific Network Interface (e.g. eth0:

    sudo ufw deny in on eth0 to any port 15
sudo ufw allow in on eth0 to any port 15

  • Delete a Rule by number(for example, the 2th rule on the list):

    sudo ufw delete 2

  • Delete rule (delete rule http and 2044):

    sudo ufw delete allow http
sudo ufw delete allow 2044

  • Reset (by default) configuration:

    sudo ufw reset

    ufw

You May Also Enjoy

Bias–variance tradeoff and Regularization

7 minute read

Published:

The bias–variance tradeoff problem is the conflict in trying to simultaneously minimize the error that prevent supervised learning algorithms from generalizing beyond their training set:

Setting Up a GPU Cluster.

6 minute read

Published:

Here you’ll learn how to build your own cluster that uses CUDA library to execute programs in parallel mode.

HuGo, a setting up guide.

1 minute read

Published:

Here you’ll learn how to setup your Hugo serve, is very useful if you work with static pages.