In recent years we have been seeing the consequences of the lack of security measures on our computers and networks. In this article we will see how to configure the firewall in Ubuntu.
A firewall is a security mechanism designed to control and filter the data traffic that flows through a network. Its purpose is to keep unauthorized persons on other networks, typically the Internet, from reaching network resources or individual devices. Firewalls can be hardware appliances, software programs, or a combination of both; in this article we focus on one specific software tool.
Perhaps the most apt analogy is a customs post on the border between two countries. The firewall inspects incoming and outgoing packets and decides, according to predefined rules, whether to let them pass between the internal and the external network. Note that a packet filter such as the one discussed here decides by addresses, ports and protocols, not by application: it can allow outbound port 443 while blocking port 25, but it cannot by itself tell a browser from a word processor.
The Netfilter subsystem
At the kernel level, Linux distributions provide a component called Netfilter, which is responsible for packet filtering, network address translation and other processing of packets as they pass through the network stack.
Netfilter exposes a series of hooks: fixed points on a packet's path through the kernel where the registered rules are evaluated and the packet can be accepted, dropped or altered. The five hooks for IPv4 and IPv6 are:
- PREROUTING: sees every packet as it arrives, before the routing decision.
- INPUT: packets destined for the local host.
- FORWARD: packets being routed through this host to another.
- OUTPUT: packets generated locally that will leave the host.
- POSTROUTING: every packet about to leave, after the routing decision.
How to configure the firewall in Ubuntu
As we said above, we need to set the rules that determine what is done with packets at each hook. Traditionally the tool for this was iptables, which has since been replaced by nftables (on current Ubuntu releases the iptables command itself is a compatibility layer on top of nftables). Both let us set the rules that determine how each packet is treated according to the stage of transmission or reception it is in.
Both tools are somewhat complex to use, so Ubuntu and other Linux distributions include a front end called UFW (Uncomplicated Firewall) that makes it easier to protect our system by generating the underlying rules for us.
UFW is preinstalled on Ubuntu but left disabled; if it is missing, we can install it with the command:
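To make the hooks concrete, here is a minimal nftables ruleset with one base chain attached to each of the five hooks listed above. This is an added example and not code from the original article; the ports it opens (22, 80, 443) are assumptions for a typical host. The script writes the ruleset to a temporary file and only syntax-checks it with nft in check-only mode; nothing is loaded into the kernel.

```shell
#!/bin/sh
# Added example, not from the original article: a minimal nftables ruleset
# with one base chain on each Netfilter hook, so you can see where each hook
# sits. Assumed inbound services: SSH (22), HTTP (80), HTTPS (443).
set -u

ruleset() {
    cat <<'EOF'
flush ruleset

table inet filter {
    chain prerouting {
        # packets just arrived, before the routing decision (nothing to do here)
        type filter hook prerouting priority -300; policy accept;
    }
    chain input {
        # packets addressed to this host: drop by default, allow what we expect
        type filter hook input priority 0; policy drop;
        ct state established,related accept
        ct state invalid drop
        iif "lo" accept
        tcp dport 22 ct state new limit rate 10/minute accept
        tcp dport { 80, 443 } accept
        icmp type echo-request accept
        icmpv6 type { nd-neighbor-solicit, nd-neighbor-advert, nd-router-advert, echo-request } accept
    }
    chain forward {
        # packets routed through this host: it is not a router, so drop them
        type filter hook forward priority 0; policy drop;
    }
    chain output {
        # packets generated locally: allowed out
        type filter hook output priority 0; policy accept;
    }
    chain postrouting {
        # last point before the packet leaves (where source NAT would go)
        type filter hook postrouting priority 100; policy accept;
    }
}
EOF
}

# Lists the hook each base chain is attached to, in order, one per line.
hooks_in_ruleset() {
    ruleset | sed -n 's/^[[:space:]]*type filter hook \([a-z]*\) .*/\1/p'
}

# Parses the ruleset with nft in check-only mode (-c) when nft is installed.
check_ruleset() {
    tmp=$(mktemp)
    ruleset > "$tmp"
    if command -v nft >/dev/null 2>&1; then
        if nft -c -f "$tmp"; then echo "ruleset parses"; else echo "ruleset rejected"; fi
    else
        echo "nft not installed; skipping syntax check"
    fi
    rm -f "$tmp"
}

hooks_in_ruleset
check_ruleset
```

The input chain is the one that matters for a host: it accepts replies to connections the host opened (conntrack state), loopback, a rate-limited SSH, the web ports and the ICMP/ICMPv6 types IPv6 needs to function, and drops everything else. To load it for real you would run `sudo nft -f` on the file instead of `nft -c -f`.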
sudo apt install ufw
To know if it is activated:
sudo ufw status
This tells us whether it is active. It does not need to be active for us to add rules; they are stored and take effect once it is enabled.
We activate it with the command below. If you are connected over SSH, add a rule allowing port 22 first, because the default policy blocks incoming connections and will cut you off:
sudo ufw enable
We can see the rules established with:
sudo ufw show added
To see the default policies as well as the rules and their direction, we write:
sudo ufw status verbose
If we want to change a default policy to deny, where the direction is incoming, outgoing or routed, we type:
sudo ufw default deny <direction>
And to set a default policy to allow:
sudo ufw default allow <direction>
To add a rule for a specific port we do the following; the word out restricts the rule to outbound traffic, and leaving it out gives an incoming rule, which is the usual case:
sudo ufw allow out <port>
We remove a rule by repeating it after delete:
sudo ufw delete allow out <port>
It is also possible to restrict a rule to a source address or range (in CIDR notation, for example 192.168.1.0/24) and a protocol:
sudo ufw allow from <source_ip_or_cidr> to any port <port> proto tcp
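Putting the commands above together, here is a complete UFW baseline for a small web server: deny inbound and routed traffic by default, allow outbound, rate-limit SSH, open HTTP and HTTPS to everyone, and open one port only to a management network. This is an added example, not part of the original article; the management network 192.0.2.0/24 and port 9100 are assumptions to replace with your own. Run with dry-run to print the ufw commands without applying them; apply requires root.

```shell
#!/bin/sh
# Added example, not from the original article: a baseline UFW policy for a
# small web server built from the ufw commands shown above.
# 192.0.2.0/24 (management network) and port 9100 are assumptions.
# Usage: sudo sh ufw-baseline.sh apply      # apply on the host
#        sh ufw-baseline.sh dry-run         # only print the ufw commands
set -eu

MGMT_NET="${MGMT_NET:-192.0.2.0/24}"   # assumed management subnet
DRY_RUN="${DRY_RUN:-0}"

# Runs ufw, or with DRY_RUN=1 just echoes the command that would run.
run() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "ufw $*"
    else
        ufw "$@"
    fi
}

apply_baseline() {
    run --force reset                  # start from an empty rule set (--force skips the prompt)
    run default deny incoming          # unsolicited inbound traffic is dropped...
    run default allow outgoing         # ...while the host may open connections freely
    run default deny routed            # this host is not a router
    run logging low                    # log blocked packets (rate limited) to syslog/journal
    run limit 22/tcp                   # SSH, but deny a source opening 6+ connections in 30 s
    run allow 80/tcp
    run allow 443/tcp
    run allow from "$MGMT_NET" to any port 9100 proto tcp   # reachable only from management
    run --force enable                 # --force skips the "may disrupt existing ssh" prompt
    run status verbose
}

case "${1:-}" in
    apply)   apply_baseline ;;
    dry-run) DRY_RUN=1; apply_baseline ;;
    *)       echo "usage: $0 apply|dry-run" ;;
esac
```

The order matters: the rules are added while the firewall is still disabled, and enable comes last, so an SSH session used to run the script is never left without an allow rule. ufw limit is preferable to plain allow for SSH because it blocks brute-force sources without needing a separate tool.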
By default UFW denies all unsolicited incoming traffic and allows all outgoing traffic. It handles both IPv4 and IPv6 (the letters stand for Internet Protocol).
The fundamental difference between the two protocols is that IPv6 offers a far larger number of unique addresses. UFW's IPv6 support can be disabled by editing:
sudo nano /etc/default/ufw
and changing IPV6=yes to IPV6=no. Bear in mind that with IPV6=no UFW installs no ip6tables rules at all, so on a host that has an IPv6 address every IPv6 listener becomes reachable unfiltered; unless IPv6 is disabled at the system level, leave the setting at yes.
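Before setting IPV6=no it is worth checking whether the host even has IPv6 addresses, since with that setting UFW leaves IPv6 entirely unfiltered. The following script is an added example, not part of the original article: it reads the IPV6 setting from /etc/default/ufw (the path can be overridden with UFW_DEFAULTS for testing), counts the global IPv6 addresses reported by ip -6 addr, and warns when the two together mean an unfiltered IPv6 exposure. The sample ip output used in the checks is constructed.

```shell
#!/bin/sh
# Added example, not from the original article: detect the case where
# /etc/default/ufw says IPV6=no while the host still has global IPv6
# addresses, which leaves every IPv6 listener reachable with no filtering.
set -u

UFW_DEFAULTS="${UFW_DEFAULTS:-/etc/default/ufw}"

# Prints the value of the IPV6= line (lower-cased), or nothing if unset
# or the file is missing.
ufw_ipv6_setting() {
    sed -n 's/^IPV6=//p' "$1" 2>/dev/null | tr 'A-Z' 'a-z' | tail -n 1
}

# Reads `ip -6 -o addr show scope global` output on stdin and prints how
# many global IPv6 addresses it lists (0 if none).
global_ipv6_count() {
    grep -c 'inet6 ' || true
}

# $1 = IPV6 setting, $2 = address count. Returns 0 and prints a warning when
# IPv6 is present on the host but UFW is told to ignore it, 1 otherwise.
ipv6_unfiltered() {
    s=$1
    n=$2
    if [ "$s" = "no" ] && [ "$n" -gt 0 ]; then
        echo "WARNING: $n global IPv6 address(es) but IPV6=no: UFW is not filtering IPv6"
        return 0
    fi
    return 1
}

# Live check of this host; skipped where the ip tool is not available.
if command -v ip >/dev/null 2>&1; then
    setting=$(ufw_ipv6_setting "$UFW_DEFAULTS")
    count=$(ip -6 -o addr show scope global 2>/dev/null | global_ipv6_count)
    ipv6_unfiltered "$setting" "$count" \
        || echo "no unfiltered IPv6 exposure (IPV6='$setting', $count global address(es))"
fi
```

Link-local addresses (fe80::/10) are deliberately excluded by scope global; they are still reachable from the local segment, so on a shared LAN the more conservative choice is simply to keep IPV6=yes regardless of what this check reports.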
This has been a brief introduction to UFW; you can learn more about its use by typing in the terminal
man ufw