Firewall

Quick guide to UFW - Uncomplicated FireWall

Here is a quick guide to using UFW (Uncomplicated FireWall) on Linux.

A good first step is to do the following:

sudo ufw default deny

which sets the default policy for incoming traffic to deny.

If you are connecting remotely, you will want to allow ssh first; otherwise you create a nasty, embarrassing situation where you can't get into your machine :)

sudo ufw allow ssh

then you can enable UFW by:

sudo ufw enable

You will now have a very basic firewall setup that denies everything except ssh. Not overly helpful if you are hosting anything else on the system. The rest of the points will be in quick format, and in the future I may update and clean up the info below.
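The three steps above can be guarded so that UFW is only enabled once a rule admitting SSH is already staged. This is an added example, not part of the original guide: the function names has_ssh_rule and safe_enable are made up here, and the one-rule-per-line format it parses ("ufw allow 22/tcp") is assumed to be what `ufw show added` prints.

```sh
#!/bin/sh
# Added example: refuse to enable UFW unless an SSH rule is staged,
# so a remote session is not locked out.

# has_ssh_rule PORT
# Reads a rule list on stdin, one rule per line, in the assumed
# `ufw show added` format. Returns 0 if an allow/limit rule admits TCP
# traffic to PORT. Port lists and ranges are not matched (fails closed).
# A source-restricted rule (allow from <net> ...) also counts, so confirm
# your own address is inside that network.
has_ssh_rule() {
    hsr_port="${1:-22}"
    while IFS= read -r hsr_line; do
        case "$hsr_line" in
            "ufw allow "*|"ufw limit "*) ;;   # candidate rule
            *) continue ;;                    # header, deny/reject, blank line
        esac
        hsr_spec="${hsr_line#ufw * }"         # strip "ufw <action> "
        case "$hsr_spec" in
            *"proto udp"*|*/udp) continue ;;  # UDP-only rules do not carry SSH
        esac
        case "$hsr_spec" in
            "$hsr_port"|"$hsr_port/tcp"|OpenSSH|ssh) return 0 ;;   # simple syntax
            *" port $hsr_port"|*" port $hsr_port "*) return 0 ;;   # extended syntax
        esac
    done
    return 1
}

# safe_enable PORT
# Enables the firewall only when the staged rules pass the check above.
safe_enable() {
    if ufw show added | has_ssh_rule "${1:-22}"; then
        ufw enable
    else
        echo "refusing to enable ufw: no allow/limit rule for tcp port ${1:-22}" >&2
        return 1
    fi
}

# Run as root with "--apply [port]" to perform the guarded enable.
if [ "${1:-}" = "--apply" ]; then
    safe_enable "${2:-22}"
fi
```

If sshd listens on a non-default port, pass that port as the second argument so the check looks for the right rule.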

Disable UFW

sudo ufw disable

Enable UFW

sudo ufw enable

Get current UFW status

sudo ufw status

Allow port 80 (http)

sudo ufw allow 80

Deny a certain port

sudo ufw deny <port number>

Deny a certain IP from the entire host

sudo ufw deny from <ip address>

Block an IP from a port

sudo ufw deny from <ip address> to any port <port number>

Advanced blocking of multiple IPs from a port

sudo ufw deny from 10.0.0.1/24 to any port 22

To open up port range 64000-65000 on udp

sudo ufw allow proto udp to any port 64000:65000

To open up port range 64000-65000 on tcp

sudo ufw allow proto tcp to any port 64000:65000