What is the Default Ubuntu Firewall?

This article provides a quick overview of UFW (Uncomplicated Firewall), the default firewall configuration tool used in Ubuntu. You will learn what UFW is, why it is the standard choice for Ubuntu users, and the basic commands needed to manage your system’s network security.


Understanding UFW (Uncomplicated Firewall)

The Linux kernel filters network traffic through its netfilter framework, which is traditionally configured with iptables, but writing iptables rules can be incredibly complex and intimidating for beginners. To solve this, Ubuntu introduced UFW as a user-friendly frontend.

UFW acts as an abstraction layer that simplifies the process of creating IPv4 or IPv6 firewall rules. It allows you to secure your system without needing to master the intricate syntax of raw iptables commands.


Why Ubuntu Uses UFW by Default

Ubuntu includes UFW by default because it perfectly aligns with the operating system’s philosophy of usability and accessibility.


Essential UFW Commands

Managing your Ubuntu firewall requires just a few basic commands through the terminal.

Checking Status and Enabling UFW

By default, UFW is installed but inactive. You can check its current status with:

sudo ufw status

To turn the firewall on and apply the default rules (which block all incoming connections and allow all outgoing connections), use:

sudo ufw enable

If you ever need to turn it off, the command is:

sudo ufw disable

Allowing and Denying Traffic

To allow traffic on a specific port, such as port 80 for a web server, you run:

sudo ufw allow 80/tcp

Alternatively, you can allow traffic by service name:

sudo ufw allow ssh

To block traffic from a specific IP address that you deem suspicious, you can use the deny command:

sudo ufw deny from 192.168.1.50
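
UFW checks rules in order and stops at the first match, so the deny rule above, added after the two allow rules, does not keep 192.168.1.50 away from ports 80 and 22. The script below is an added example, not part of the original article: it scans the output of sudo ufw status numbered for deny rules that an earlier allow rule overrides. The sample listing is constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find deny rules that an earlier allow rule shadows.
# ufw evaluates rules top to bottom and stops at the first match.

# Constructed sample of `sudo ufw status numbered` after the article's
# three commands were run in the order shown.
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 80/tcp                     ALLOW IN    Anywhere
[ 2] 22/tcp                     ALLOW IN    Anywhere
[ 3] Anywhere                   DENY IN     192.168.1.50
[ 4] 80/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 5] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
}

# shadowed_denies (hypothetical name): reads numbered status on stdin and
# prints one line per earlier allow-from-anywhere rule that wins over a
# later source-based DENY/REJECT. IPv4 rules only; assumes columns are
# separated by at least two spaces, as in the default listing.
shadowed_denies() {
    awk '
    /^\[ *[0-9]+\]/ {
        num = $0; sub(/^\[ */, "", num); sub(/\].*/, "", num)
        rest = $0; sub(/^\[ *[0-9]+\] */, "", rest); sub(/ +$/, "", rest)
        if (split(rest, col, /  +/) < 3) next
        to = col[1]; action = col[2]; from = col[3]
        if (to ~ /\(v6\)/) next
        if (action == "ALLOW IN" && from == "Anywhere") {
            allow_n[++count] = num; allow_to[count] = to
        } else if (action ~ /^(DENY|REJECT) IN$/ && to == "Anywhere" && from != "Anywhere") {
            for (i = 1; i <= count; i++)
                printf "rule %s (%s from %s) never applies to %s: rule %s allows it first\n", num, action, from, allow_to[i], allow_n[i]
        }
    }'
}

sample_status | shadowed_denies
# Fix on a live system: remove the late rule, then put it first.
#   sudo ufw delete 3
#   sudo ufw insert 1 deny from 192.168.1.50
```

On a real host, pipe the live listing into the function instead of the sample: sudo ufw status numbered | shadowed_denies.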