[custom-header-login]
It is normal in Linux for the iptables module to control what we know as the firewall and this remains the case with UFW. UFW provides, perhaps, a more simple command line interface to iptables and application profiles that relate to your services. For instance, if I want to control the ports used by SAMBA I can use the application profile for SAMBA without having to know about the ports that is uses.
UFW ships with Ubuntu but is not enabled. We can start by enabling it:
sudo ufw enable
This will both enable the service and enable it for auto-start, we can query the service with :
sudo ufw status
or
sudo ufw status verbose
if we want a listing of what is allowed or denied. from the latter we can see the once enabled the firewall enables outgoing traffic only by default. This just leverages iptables and we can view the iptable status with
iptables -L
To enable a service we could use the command :
sudo ufw allow 22
if we wanted to permit SSH, id the application needed more ports we could use an Application profile :
sudo ufw app list
will display the current profiles and
sudo ufw allow Samba
will permit the ports for Samba