UFW (Uncomplicated Firewall) is a tool for managing the firewall on Linux distributions that simplifies iptables configuration. It is popular due to its simplicity, clarity, and efficiency in managing network traffic.

How to Install UFW on Linux?

UFW is included in most modern distributions and can be easily installed using the package manager:

• Debian/Ubuntu:
  sudo apt update && sudo apt install ufw
• Arch Linux:
  sudo pacman -S ufw
• CentOS/RHEL:
  sudo yum install epel-release
sudo yum install ufw

Basic Commands for Managing UFW

After installation, UFW needs to be activated and configured with basic rules.

• Enable and disable the firewall:
  sudo ufw enable – Enable UFW
  sudo ufw disable – Disable UFW
• Check the current status:
  sudo ufw status verbose
• Reset settings to default:
  sudo ufw reset

Configuring Rules in UFW

Rules in UFW determine which connections are allowed or blocked.

• Allow incoming connections:
  sudo ufw allow 22/tcp – Allow SSH access
  sudo ufw allow 80/tcp – Allow HTTP
  sudo ufw allow 443/tcp – Allow HTTPS
• Block a specific port:
  sudo ufw deny 3306/tcp – Block MySQL access
• Allow a specific IP address:
  sudo ufw allow from 192.168.1.100
• Block an IP address or an entire network:
  sudo ufw deny from 203.0.113.0/24

Advanced Configuration Rules

• Allow access only on a specific interface:
  sudo ufw allow in on eth0 to any port 22
• Allow outgoing communication:
  sudo ufw default allow outgoing
• Deny all incoming traffic except allowed rules:
  sudo ufw default deny incoming

Managing and Logging UFW Rules

• List active rules:
  sudo ufw status numbered
• Delete a specific rule:
  sudo ufw delete 2 – Remove a rule by its number from status numbered
• Enable UFW logging:
  sudo ufw logging on

Securing a Server with UFW

UFW effectively protects servers from unauthorized access. A recommended configuration for a Linux server includes:

1. Allow only essential services (SSH, HTTP/HTTPS).
2. Restrict access to administrative interfaces (e.g., MySQL, FTP).
3. Monitor UFW logs for suspicious activity.

UFW is a powerful yet simple tool for managing a firewall on Linux. Its ease of use makes it an ideal choice for administrators and general users looking to enhance their system’s security.