How to Enable and Disable Firewall in Ubuntu

Are you searching to enable / disable firewall in Ubuntu? You are at the right place…Ubuntu has a firewall that protects the system from the potential threats such as various malware, but the mechanism to implement it in Ubuntu is quite different than Windows.

Just recall what is a Firewall and why it is needed? Firewall is basically a system built to prevent the system from an unauthorized access. In short, the Firewall has all the information about incoming and outgoing connections. It can approve or disapprove the traffic to or from the network based on the security rules. You can create exceptions or rules in terms of Ubuntu, so as to allow some desired network.

If we talk about Ubuntu, Netfilter is the one responsible for network related procedures. It is a framework designed for Linux system which provides options such as network address translation, port translation, etc. That means to deal with network related issue you must know how to handle netfilter, for that you have to play with iptables.

Iptables provides the full fledged solution for the firewall which is a highly complex task to do. Iptables runs at console only, this is one of the major disadvantage for the newbie to learn it easily. That’s why frontends are made in order to manage the firewall easily. One of them is Uncomplicated Firewall which is available by default,  to enable the firewall in the Linux system.

Here’s come the Uncomplicated Firewall (ufw) which is launched for the purpose of easily handling the firewall operations. It’s a front end for iptables, through this it is much easier to enable the firewall. UFW is a very user friendly interface. It’s graphical mode is also available, termed as GUI for Uncomplicated Firewall (Gufw). You can download it from the Software center in Ubuntu, if you use graphical user interface.

In this tutorial, I had covered the command line ufw. Each and every command associated with its use,is mentioned here. You just need to go through the tutorial sincerely to know about how to enable and disable firewall in Ubuntu.

Steps to Enable and Disable Firewall in Ubuntu

Step 1: It is very important to check that whether the firewall is enabled or disabled. But, by default the firewall is already disabled in all the versions of Ubuntu . It is up to you to switch it on or off.

For an instance, suppose you don’t know about this, then you can check it using the command: “sudo ufw status” (if you are not a root user), otherwise there is no need to put “sudo”.

Step 2: Now, once you press enter after writing the command, you”ll be asked to enter the sudo password i.e. your user password. Type the password and press enter.

As you can see in the figure, password is not shown even in “*” form due to the fact that Ubuntu counts keystrokes only. Here, you can also notice the firewall is “inactive”.

Step 3: It’s time to show you how to enable it, for that the command is: “sudo ufw enable” and then press enter.

Step 4: If you have followed the steps properly, then you”ll see the message “Firewall is enabled now…” as shown below.

Step 5: At times, you may need to permit any one IP address and unblock it so that it may bypass through the firewall. Then you have to use the command: “sudo ufw allow from ipaddress” wherein the ipaddress should be mentioned of the respective network from which you need to allow the traffic to your network.

For an example: “sudo ufw allow from 192.168.167.67”

Step 6: After writing the above command, press enter button. Here, I got the confirmation as “Rule added”. That means the exceptional case is saved in the firewall settings to allow the incoming traffic.

Step 7: Unsure about whether the rule is added to the firewall data or not then you must try again “sudo ufw status”. As a result, you will see now the firewall is “active” and the rules are mentioned below it.

Step 8: In case you are required to disallow any IP address that you have added in the Firewall. Considering the above IP address which I have added, now I will delete it. Just type “sudo ufw deny from 192.168.167.67” and press enter.

Step 9: You will get the message as “Rule updated”.

Step 10: Suppose you are required to disable the firewall for some time, then type “sudo ufw disable” and press enter.

Step 11: Then you have to provide the password i.e. user password. Once you complete this,  “firewall is disabled..” message will appear.

Some other commands:

sudo ufw allow from <ipaddress> to port <portnumber> : This command can be used to allow specific IP address and port. In place of ipaddress and portnumber you have to mention the valid data.

sudo ufw allow from <ipaddress range> to any port <port number> : This command will let you to allow a range of IP addresses and the specified port to add to firewall rules, so that the firewall would not restrict these addresses and the port.

For an example: sudo ufw allow from 192.0.0.0/ 24 to any port 80, here the last digit i.e. 0 to 24 is the subnet. It’s basically a logical division of the IP Network.

NOTE: Above two commands can be used to deny the connection with a specific IP address and port using the keyword “deny” in place of “allow” and the rest of the things will be similar.