Post

Linux UFW

UFW (uncomplicated firewall) is a firewall configuration tool for Linux* that runs on top of IPTables, included by default within Ubuntu distributions. It provides a streamlined interface for configuring common firewall use cases via the command line.

Enable UFW

To check if ufw is enabled, run:

1
2
sudo ufw status
sudo ufw status numbered

You probably want UFW to deny everything by default and add whitelist exceptions later.

1
ufw default deny

To enable UFW on your system, run:

1
sudo ufw enable

If for some reason you need to disable UFW, you can do so with the following command:

1
sudo ufw disable

Block an IP Address/Subnet

1
sudo ufw deny from 203.0.113.0/24

Allow docker container communication

1
sudo ufw allow from 172.18.0.0/24 to any port 11105 proto tcp

Block an IP

1
sudo ufw insert 1 deny from 0.0.0.0

The insert 1 is important, and ensures that the rule is injected at the front of the list of rules. Otherwise, if there was another rule that would accept the connection, e.g. “allow on port 80”, then UFW would accept the connection instead of blocking it. UFW does not have a concept of specificity, only the order of the rules.

If that doesn’t work, it might be because you have no rules. In which case use:

1
sudo ufw deny from 0.0.0.0

Block Outgoing To IP

Today I needed to block my web browser going to an IP address in order to test something. The previous rule for blocking an IP just blocks incoming traffic, but in this case we want to block outgoing traffic.

Deleting Rules

There are many ways to delete rules in UFW, but the simplest way is to list the rules with their numbers/indexes and then delete by index with the following two commands:

1
2
sudo ufw status numbered
sudo ufw delete 1
This post is licensed under CC BY 4.0 by the author.

Comments powered by Disqus.