Testing Open Ports<\/a><\/li><\/ul><\/nav><\/div>\n\n![\"\"](\"https:\/\/linuxresellerwebhosting.in\/blog\/wp-content\/uploads\/2024\/03\/UFW-Firewall-300x225.jpeg\")
<\/p>\n
The default firewall configuration tool for Ubuntu is ufw. Developed to ease iptables firewall configuration, ufw provides a user-friendly way to create an IPv4 or IPv6 host-based firewall.<\/p>\n
ufw by default is initially disabled. From the ufw man page:<\/p>\n
\u201cufw is not intended to provide complete firewall functionality via its command interface, but instead provides an easy way to add or remove simple rules. It is currently mainly used for host-based firewalls.\u201d<\/p>\n
Below is some examples for ubuntu commands and how to use ufw<\/p>\n
First ufw needs to be enabled, From a terminal or SSH enter<\/p>\n
sudo ufw enable<\/pre>\nTo open a port (SSH in this example):<\/p>\n
sudo ufw allow 22<\/pre>\nRules can also be added using a numbered format:<\/p>\n
sudo ufw insert 1 allow 80<\/pre>\nSimilarly, to close an opened port:<\/p>\n
sudo ufw deny 22<\/pre>\nTo remove a rule, use delete followed by the rule:<\/p>\n
sudo ufw delete deny 22<\/pre>\nIt is also possible to allow access from specific hosts or networks to a port. The following example allows SSH access from host 192.168.0.2 to any IP address on this host:<\/p>\n
sudo ufw allow proto tcp from 192.146.0.1 to any port 22<\/pre>\nReplace 192.146.0.1 with 192.146.0.0\/24 to allow SSH access from the entire subnet.<\/p>\n
Adding the \u2013dry-run option to a ufw command will output the resulting rules, but not apply them. For example, the following is what would be applied if opening the HTTP port:<\/p>\n
sudo ufw --dry-run allow http<\/pre>\n*filter\r\n:ufw-user-input - [0:0]\r\n:ufw-user-output - [0:0]\r\n:ufw-user-forward - [0:0]\r\n:ufw-user-limit - [0:0]\r\n:ufw-user-limit-accept - [0:0]\r\n### RULES ###\r\n\r\n### tuple ### allow tcp 80 0.0.0.0\/0 any 0.0.0.0\/0\r\n-A ufw-user-input -p tcp --dport 80 -j ACCEPT\r\n\r\n### END RULES ###\r\n-A ufw-user-input -j RETURN\r\n-A ufw-user-output -j RETURN\r\n-A ufw-user-forward -j RETURN\r\n-A ufw-user-limit -m limit --limit 3\/minute -j LOG --log-prefix \"[UFW LIMIT]: \"\r\n-A ufw-user-limit -j REJECT\r\n-A ufw-user-limit-accept -j ACCEPT\r\nCOMMIT\r\nRules updated<\/pre>\nufw can be disabled by:<\/p>\n
sudo ufw disable<\/pre>\nTo see the firewall status, enter:<\/p>\n
sudo ufw status<\/pre>\nAnd for more verbose status information use:<\/p>\n
sudo ufw status verbose<\/pre>\nTo view the numbered format:<\/p>\n
sudo ufw status numbered<\/pre>\nNote<\/p>\n
If the port you want to open or close is defined in \/etc\/services, you can use the port name instead of the number. In the above examples, replace 22 with ssh.<\/p>\n
This is a quick introduction to using ufw. Please refer to the ufw man page for more information.<\/p>\n
![\"\"](\"https:\/\/linuxresellerwebhosting.in\/blog\/wp-content\/uploads\/2024\/03\/1_WrqqZXugisLg5Xd9kq6Pnw-300x161.png\")
<\/p>\n