I've decided to enable the UFW that comes with Ubuntu just to make my system even more secure (especially after watching a video of a person whose computer actually got infected!), and I've enabled UFW and installed GUFW, but I'm not sure what to do next. When I check the status of the firewall, it says that it is active. What are some rules that I should configure to actually make use of the firewall, since right now I'm assuming it's allowing everything, basically acting like it isn't there.
Ubuntu – What rules to use for UFW
firewallSecurityufw
Best Answer
If you've set
ufw
to enabled then you've enabled the preset rules, so it meansufw
(viaiptables
) is actively blocking packets.If you want more details, run
and you will see something like this
which basically means that all incoming is denied and all outgoing allowed. It's a bit more complicated than that (for example ESTABLISHED - requested - packets are allowed in), and if you're interested in the full set of rules, see the output of
sudo iptables -L
.If you have a public IP, you can use an online test to get an idea how good the filtering is, for example www.grc.com (look for ShieldsUP) or nmap-online.
You should also see messages about blocked/allowed packets in logs (/var/log/syslog and /var/log/ufw.log).