I'm kind of a newbie in networking and Linux, and I always get confused over whether I should use UFW or iptables when restricting my internet connection to only use the VPN. Looking around, I find there are people who say iptables is better and people who say UFW is enough.
I found this on the web:
ufw enable
ufw default reject outgoing
ufw allow out 53/udp ## comment this line if your VPN routes DNS through tunnel
ufw allow out 1194/udp
ufw allow out on tun0
Also, I found some scripts out there that set up iptables in a more complex way that I'm still trying to understand.
What do you guys recommend: use iptables, or simply use UFW to kill my internet in case my VPN connection drops?
Thanks in advance!
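As an added example (not part of the original question or of ufw itself), the rule set below generates and applies a ufw "kill switch" of the kind the snippet above describes, with two tightenings a practitioner would want: the VPN handshake is allowed only to the VPN server's address on the physical interface, rather than to any host on 1194/udp, and DNS is not opened on the physical interface at all, so a dropped tunnel cannot leak lookups to the ISP resolver. The server address, port, protocol and interface names are constructed placeholders (203.0.113.10 is a documentation address) and must be replaced with your own; `check_outgoing_policy` reads the text of `ufw status verbose` and confirms the outgoing default is still deny or reject.

```shell
#!/bin/sh
# Added example, not from the original question: generate and apply a ufw
# "kill switch" so that only VPN traffic can leave the machine.
# All values below are constructed placeholders (203.0.113.10 is a TEST-NET-3
# documentation address); set them to your own VPN server, port, protocol,
# tunnel interface and physical interface before applying.
VPN_SERVER="${VPN_SERVER:-203.0.113.10}"
VPN_PORT="${VPN_PORT:-1194}"
VPN_PROTO="${VPN_PROTO:-udp}"
TUN_IF="${TUN_IF:-tun0}"
LAN_IF="${LAN_IF:-eth0}"

# Print the ufw commands, one per line. Compared with the snippet found on
# the web: the handshake is allowed only to the VPN server's address on the
# physical interface (not to any host on 1194/udp), and DNS is not opened on
# the physical interface, so a dropped tunnel cannot leak lookups to the ISP
# resolver. Everything else is rejected by default.
killswitch_rules() {
    cat <<EOF
ufw --force reset
ufw default deny incoming
ufw default reject outgoing
ufw allow out on $LAN_IF proto $VPN_PROTO to $VPN_SERVER port $VPN_PORT
ufw allow out on $TUN_IF
ufw --force enable
EOF
}

# Run each generated command with sudo, stopping at the first failure.
# $cmd is deliberately unquoted so the shell splits it into arguments.
apply_killswitch() {
    killswitch_rules | while IFS= read -r cmd; do
        echo "+ $cmd"
        sudo $cmd || exit 1   # exits only the pipeline's subshell
    done
}

# Read the text of "ufw status verbose" from stdin and return 0 only if the
# outgoing default policy is deny or reject, i.e. the kill switch holds.
check_outgoing_policy() {
    grep -Eq '^Default: .*(deny|reject) \(outgoing\)'
}

# Nothing is changed unless the script is explicitly run with "apply".
if [ "${1:-}" = "apply" ]; then
    apply_killswitch && echo "kill switch applied; verify with: sudo ufw status verbose"
fi
```

Because nothing but the VPN handshake leaves the physical interface, the VPN client must be pointed at the server's IP address rather than a hostname (or DNS must be allowed only to the VPN provider's own resolver), otherwise it cannot resolve the server before the tunnel exists. Run `sh killswitch.sh` to preview the commands via `killswitch_rules`, `sudo sh killswitch.sh apply` to install them, and `sudo ufw status verbose | check_outgoing_policy` afterwards to confirm the default outgoing policy.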
Best Answer
Iptables used to be how the network was managed, but as you might have observed it is messy to write and even more complicated to learn.
UFW is an alternative to the iptables and firewallD front-end network traffic controller applications. For a newbie you will find ufw easier to manage and use, and it is Ubuntu's alternative to firewallD, used by RHEL and its derivatives. Iptables still lies underneath ufw, but now you write these [iptables] rules using ufw. Also of note is the fact that firewallD lacks the rate limiting feature found in ufw.
Put simply, ufw is meant to remove all the complications that we see in iptables use and maintenance. Stick with ufw; it is still what it's designed for. In Ubuntu the configurations of ufw can be found in /etc/ufw and the default configurations in the /etc/default/ufw file. Looking in the /etc/ufw directory you will see the following files and folders:
You can add iptables-like rules in there too:
A quick
sudo cat /etc/ufw/user.rules
will show you the iptables-like rule sets stored from command line entries.
Resources:
https://wiki.ubuntu.com/UncomplicatedFirewall
https://www.cyberciti.biz/faq/howto-configure-setup-firewall-with-ufw-on-ubuntu-linux/