The latest version of Ubuntu comes with a program called ufw. It is used for managing a Linux firewall and aims to provide an easy to use interface for the user. [donotprint]
Tutorial details | |
---|---|
Difficulty | Easy (rss) |
Root privileges | Yes |
Requirements | None |
Time | 2m |
A Note About ufw
As I said earlier, the latest version of Ubuntu comes with ufw (now it is the default firewall configuration tool for Ubuntu). It is developed to ease iptables firewall configuration, ufw provides a user friendly way to create an IPv4 or IPv6 host-based firewall.
List ufw firewall rules, enter:
$ sudo ufw status verbose
Sample outputs:
Status: active Logging: on (low) Default: deny (incoming), allow (outgoing), deny (routed) New profiles: skip To Action From -- ------ ---- 71.81.22.14 80/tcp ALLOW IN Anywhere 71.81.22.15 80/tcp ALLOW IN Anywhere
To disable ufw based firewall, enter:
$ sudo ufw disable
List current firewall rules and stop firewall (old method)
You can type the following command to see if firewall is active or not (open a terminal or ssh session and type the following command):
$ sudo iptables -L -n
Sample outputs:
Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67 Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 state RELATED,ESTABLISHED ACCEPT all -- 192.168.122.0/24 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT) target prot opt source destination
You can save existing firewall rules as follows:
$ sudo iptables-save > firewall.rules
Finally, type the following commands to stop firewall and flush all the rules:
$ sudo iptables -X
$ sudo iptables -t nat -F
$ sudo iptables -t nat -X
$ sudo iptables -t mangle -F
$ sudo iptables -t mangle -X
$ sudo iptables -P INPUT ACCEPT
$ sudo iptables -P FORWARD ACCEPT
$ sudo iptables -P OUTPUT ACCEPT
A note about GUI tools for Ubuntu desktop systems
You can also use GUI tool to enable or disable Firewall under Ubuntu Linux desktop edition by visiting System > Administration > Firewall configuration option:
🐧 Get the latest tutorials on Linux, Open Source & DevOps via:
- RSS feed or Weekly email newsletter
- Share on Twitter • Facebook • 6 comments... add one ↓
Category | List of Unix and Linux commands |
---|---|
File Management | cat |
Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
Network Utilities | dig • host • ip • nmap |
OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
Package Manager | apk • apt |
Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
Searching | grep • whereis • which |
User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
pls give me solution for disable linux ubuntu version 2.24.1.
#sudo ufw disable
Firewall stopped and disabled on system startup.
hi , thanks for your great help
i can connect via lan no problem but remotely always show an error messag
a connection could not be established to the ppp server try reconnecting , if the problem continues , verify your setting
and contact your administrator
i follow all the steps
what do u think where is the problem
thanks again for u help
I ran that first command and it’s shown me the IP tables but they’re empty. Does this mean the firewall’s disabled or does it mean it’s running but effectively doing nothing? This should be on a pretty much OOB Ubuntu server 12.10.
I’m very new to these settings and need a little help please? I’ve enabled the ufw in Ubuntu Server 16.04.3 LTS and allowed various ports such as, 22, 53, 80, 443, 445, 139, 8080 etc. Everything is working going through the firewall but browsers, IE Chrome and Vivaldi reports some dns problems. I would disable ufw and all is well and working again. Am I correct in enabling the ufw at all or should I leave it disabled, I’m a home user and not in any vast network environment? Any advice will appreciated. Thank you.
Thanks!