To secure server, firewall is one of the essential tool.

Linux uses iptables for allow/deny network traffic but seems quite complicated.

ufw might be good solution for simple but powerful way to set firewall.

(ufw overwrites setting on iptables simply.)

Let’s get started!

0. Install package

$ sudo apt install -y ufw

After finish installation, begin to set your own rule.

1. First I deny all traffic as default.

$ sudo ufw default deny

2. Allow TCP ports (21,22,80,443)

These are well known ports for each FTP, SSH, HTTP, HTTPS.

$ sudo ufw allow 21/tcp
$ sudo ufw allow 22/tcp
$ sudo ufw allow 80/tcp
$ sudo ufw allow 443/tcp

3. Allow UDP 123 port for ntpd.

$ sudo ufw allow 123/udp

4. Enable logging

$ sudo ufw logging on

By default, log will be saved at /var/log/ufw.log

5. Enable Firewall

!— be sure you allowed correct ssh port,or telnet port if you are using remote server —!

$ sudo ufw enable

ufw will be registered to system boot up service, automatically.

6. Check status

Once ufw is enabled, you can check enabled rules by

$ sudo ufw status

7. Allow network block

If you want to open all port for your internal network, for example allow 172.16.0.0/16 then,

$ sudo ufw allow from 172.16.0.0/16

8. Delete rule

If you want to delete allowed rule, for example allow from 172.16.0.0/16 then,

$ sudo ufw delete allow from 172.16.0.0/16

or,

More simply put number of line on rules (this case line #6)

$ sudo ufw delete 6

9. Deny specific IP

Below command will add rule at “1st line” and block specific IP (114.44.61.146), which tried known-hack to my server.

$ sudo ufw insert 1 deny from 114.44.61.146 to any

That’s it! Congratulation!