Firewalls play an important role in controlling network traffic.
The Linux kernel includes the Netfilter subsystem, which is used to control incoming and outgoing network traffic.
Linux firewalls utilise Netfilter. The administrator tells Netfilter how to treat data packets by configuring rules in iptables, a configuration file.
In Ubuntu, we use ufw as a configuration tool for iptables.
ufw (Uncomplicated Firewall): the friendly way to create a firewall
Installing ufw:
sudo apt-get install ufw
Enable ufw and restart the server for the change to take effect:
You will not be able to restore the SSH connection until you configure ufw to allow SSH traffic:
sudo ufw allow 22
sudo ufw deny 22
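An added example, not part of the original page: a pre-flight check for the SSH lockout described above. It reads `ufw show added`, which lists configured rules even while ufw is inactive, and runs `ufw enable` only if the first rule naming the SSH port is allow or limit. The function names, the UFW_CMD variable and the sample rules are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-flight check before enabling ufw on a host reached over SSH.

# Constructed sample in the layout printed by `ufw show added`.
sample_rules() {
    cat <<'EOF'
Added user rules (see 'ufw status' for running firewall):
ufw allow 80/tcp
ufw allow proto tcp from 192.168.0.2 to any port 22
ufw deny 22
EOF
}

# ssh_verdict PORT: read rule lines on stdin and print "<action> <source>" for
# the first rule that names PORT, or "none". Heuristic: it recognises "PORT",
# "PORT/tcp" and "... port PORT", not service names or application profiles.
ssh_verdict() {
    awk -v port="$1" '
        $1 != "ufw" { next }               # skip the header and "(None)"
        {
            src = "any"; hit = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "from") src = $(i + 1)
                if (($i == port || $i == (port "/tcp")) &&
                    (i == 3 || $(i - 1) == "port")) hit = 1
            }
            if (hit) { print $2, src; found = 1; exit }
        }
        END { if (!found) print "none" }
    '
}

# safe_enable [PORT]: run `ufw enable` only if the first rule for PORT is
# allow or limit. UFW_CMD (an assumption of this example) lets you substitute
# "sudo ufw" or a stub for testing.
safe_enable() {
    port="${1:-22}"
    verdict=$(${UFW_CMD:-ufw} show added | ssh_verdict "$port")
    case "$verdict" in
        allow*|limit*)
            echo "port $port: $verdict" >&2
            ${UFW_CMD:-ufw} enable ;;
        *)
            echo "port $port: $verdict; not enabling ufw" >&2
            return 1 ;;
    esac
}
```

On the sample rules the verdict for port 22 is `allow 192.168.0.2`: SSH is admitted only from that host, so confirm it is the address you are connecting from before enabling.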
ufw, examples of rules
Delete a rule:
sudo ufw delete deny 22
Allow access from a host to port 22 of any IP address on this host:
sudo ufw allow proto tcp from 192.168.0.2 to any port 22
Allow all HTTP traffic:
sudo ufw allow http
Use --dry-run to show the rule corresponding to a directive:
Disable the firewall:
sudo ufw disable
sudo ufw status
See detailed status:
sudo ufw status verbose
Application integration (predefined rules): apply a profile with sudo ufw allow Postfix, and run sudo ufw app info Postfix to view the rule details.