Categories: TutorialsUbuntu

How to Configure Your Linux Firewall to Best Protect Your Data Center

Data protection is a set of activities and techniques that you can use to ensure your data’s confidentiality, accessibility, and integrity. It is a major concern of computer users nowadays, as your private data can be misused by third parties for fraud. To ensure data integrity, Linux allows you to configure a firewall and set its privacy according to your requirements. This article is all about configuring your firewall to set data privacy on Ubuntu LTS 20.04.

Sponsored

A firewall is a type of network security software that checks entering and departing traffic on the network. In plain terminology, a firewall is a virtual barrier that is set up to prevent the least amount of damage from occurring. As a result, a barrier is put between safe and unsafe areas. Where your private networks are safe, and the internet, a large public network is dangerous. In this way, a firewall not only prevents malicious attacks on your server but also protects you from unwanted network communication.

Private network services are restricted based on several factors, such as connections, while public services can be left open and available on the internet. Internal services can be made completely inaccessible via the internet. In most of the configurations, access to ports that aren’t in use is completely blocked.

How to Configure Your Linux Firewall to Protect Your Data Center

We can configure the firewall of our system using both the command-line and graphical user interface. Below are the ways to configure our firewall and protect the data that we are going to discuss below. You can choose any approach that you find easy for you:

  • Configure Your Linux Firewall using GUFW
  • Configure Your Linux Firewall Using UFW

Method 1:Configure Your Linux Firewall using GUFW

It’s one of the simplest ways to set up your firewall. GUFW is a graphical utility for uncomplicated firewalls.

Step 1: Installing gufw

First, open the Ubuntu Appstore, and in the search bar, type “gufw” and install the “firewall configuration” tool.

Step 2: Launch GUFW

After successful installation, open activities, and in the search bar, type “gufw” and select the “firewall configuration” option.

Step 3: Enable Firewall

To allow the firewall, simply turn it on from the status menu. All incoming connections are blocked by default, while all outgoing connections are permitted.

Step 4: Add your own rules

Click on the “Rules” tab below.

Now click on “+” below to add your own rules.

A new window will appear. If you want to add any rule, add that rule and then click on the “Add” button.

Method 2: Configure Your Linux Firewall Using UFW

UFW stands for “uncomplicated firewall”. It is one of the command line approaches to configuring firewalls to protect data. It’s simple to use and comes pre-installed in many Linux distributions.

Step 1: Check the status

By default, ufw is disabled in Ubuntu. Run the below-mentioned command to check its status.

$ sudo ufw status

Step 2: Enable firewall

If the status is inactive, enter the below-mentioned command on the terminal to enable it.

$ sudo ufw enable

Step 3: Checking Existing App Rules

Run the below-mentioned command to check the list of apps that the firewall has rules for.

$ sudo ufw app list

Step 4: Checking open ports

You can look into which ports are open for those rules for “CUPS” by running the below-mentioned command.

$ sudo ufw app info CUPS

You can also change the name of the app according to your requirements in the above command.

Port 631 is available for “CUPS”.

Step 5: Creating your own rules

Below, I will create some of my own rules. You can also change these rules according to your requirements.

Sponsored

Allowing access only from your PC to other devices

Firstly, you need to check the local IP address of your system with the below-mentioned command.

$ ip a

Now use this IP in the below-mentioned command to allow access from your PC to other devices.

$ sudo ufw allow from 10.0.2.15/24

Allowing access from your PC to a certain port,

The below-mentioned command should be run on the terminal to allow port 80 from the PC.

$ sudo ufw allow from 10.0.2.15/24 to any port 80

Use the IP address of your PC.

Allowing access from your PC to a certain range of ports,

Below is the syntax to allow access from your PC to a certain range of ports.

$ sudo ufw allow start-port:end-port/protocol

Run the below-mentioned command to allow access to ports 44000 and 48800 for TCP and UDP to use with torrent clients.

For TCP:

$ sudo ufw allow 44000:488000/tcp

For UDP:

$ sudo ufw allow 44000:488000/udp

Disabling the mentioned rules

Firstly, again check the status of the firewall to see the rules added above by the below-mentioned command:

$ sudo ufw status numbered

To delete any rule, follow the below-mentioned syntax:

$ sudo ufw delete rule_number

The below-mentioned command will delete rule_number 1:

$ sudo ufw delete 1

Disabling the Firewall

If you want to delete all the new rules added and change the firewall back to its original configuration mode, then disable the firewall with the below-mentioned command:

$ sudo ufw disable

Reseting the Firewall

Run the below-mentioned command to reset the configuration:

$ sudo ufw rest

Conclusion

Data security is a serious concern in this era of technology, but there are various ways available to protect your data. Configuring the firewall on your Linux system is one of the most popular strategies. A firewall is a type of network software that helps us protect against data breaches by applying various rules. This article is about protecting our data center by configuring a firewall by using two approaches; configure your Linux firewall using GUFW and configure your Linux firewall using UFW. You can choose any of the approaches. Also, resetting and disabling firewall techniques are also discussed as plus points. After going through the article, you will be able to protect your data over the network.

Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications including CCNA RS, SCP, and ACE. As an IT engineer and technical author, he writes for various websites.

Ubuntu Server Admin

Recent Posts

Building RAG with enterprise open source AI infrastructure

One of the most critical gaps in traditional Large Language Models (LLMs) is that they…

7 hours ago

Life at Canonical: Victoria Antipova’s perspective as a new joiner in Product Marketing

Canonical is continuously hiring new talent. Being a remote- first company, Canonical’s new joiners receive…

1 day ago

What is patching automation?

What is patching automation? With increasing numbers of vulnerabilities, there is a growing risk of…

2 days ago

A beginner’s tutorial for your first Machine Learning project using Charmed Kubeflow

Wouldn’t it be wonderful to wake up one day with a desire to explore AI…

3 days ago

Ubuntu brings comprehensive support to Azure Cobalt 100 VMs

Ubuntu and Ubuntu Pro supports Microsoft’s Azure Cobalt 100 Virtual Machines (VMs), powered by their…

3 days ago

Ubuntu Weekly Newsletter Issue 870

Welcome to the Ubuntu Weekly Newsletter, Issue 870 for the week of December 8 –…

4 days ago