Build and Configure a Firewall
Building and configuring a firewall is crucial for protecting networks from unauthorized access
and potential threats. This report guides you through setting up and configuring a
firewall on an Ubuntu system using UFW (Uncomplicated Firewall).
Basic knowledge of Linux commands
An Ubuntu system (physical or virtual machine)
Root or sudo access
Step 1: Update Your System
Ensure your system is up to date.
bash
sudo apt update
sudo apt upgrade -y
UFW is included in most Ubuntu installations by default, but you can install it if it's not present.
bash
By default, UFW is disabled after installation. Enable it with the following command:
bash
You will be prompted to confirm the action. Type 'y' and press Enter.
Step 4: Allow SSH Connections
To prevent locking yourself out of the system, allow SSH connections:
bash
Alternatively, you can specify the port number (default is 22):
bash
Step 5: Allow specific Services and Ports
You can configure UFW to allow specific services and ports based on your needs. Here are some
1. Allow HTTP and HTTPS traffic:
bash
sudo ufw allow http
sudo ufw allow https
Or by specifying the ports:
bash
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
2. Allow other specific ports:
For example, to allow traffic on port 8080:
bash
3. Allow a range of ports:
bash
sudo ufw allow 1000:2000/tcp
4. Allow specific IP addresses:
To allow connections from a specific IP address (e.g., 192.168.1.100):
bash
sudo ufw allow from 192.168.1.100
5. Allow specific subnets:
bash
sudo ufw allow from 192.168.1.0/24
Step 6: Deny Specific Services and Ports
By default, UFW blocks all incoming connections except for the ones explicitly allowed. You can
also specify to deny certain connections explicitly:
bash
2. Deny a specific IP address:
bash
sudo ufw deny from 203.0.113.0
Step 7: View UFW status and Rules
To check the status of UFW and view the current rules:
bash
If you need to remove a rule, you can delete it using its rule number or the exact rule
First, list the rules with numbers:
bash
Then delete a rule by specifying its number:
bash
2. Using rule specification:
bash
sudo ufw delete allow 8080/tcp
Step 9: Advanced UFW Configuration (Optional)
Enable logging to monitor UFW activity:
bash
Set default policies to deny all incoming and allow all outgoing traffic:
bash
sudo ufw default deny incoming
sudo ufw default allow outgoing
UFW includes profiles for some common applications. You can list these profiles:
bash
Allow a specific application:
bash
sudo ufw allow 'Nginx Full'
Step 10: Testing the Firewall
Use nmap from another machine to scan the open ports on your firewall-protected machine:
bash
nmap -v -A 192.168.1.10 # Replace with the actual IP of your firewall-protected machine
Try to connect to allowed and denied services to ensure the firewall rules are working as expected.
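A local check to complement the external scan, as an added example that is not part of the original guide: it reads `ufw status verbose` output and flags an inactive firewall, a default incoming policy other than deny, disabled logging, and a missing SSH rule. The function name `audit_ufw_status` is hypothetical and both sample outputs are constructed.

```bash
#!/usr/bin/env bash
# Added example (not from the guide): audit `ufw status verbose` text on stdin
# against the guide's intended policy. Prints FINDING lines; returns 1 if any.
audit_ufw_status() {
  local findings
  findings=$(awk '
    /^Status:/  { seen = 1; if ($2 != "active") inactive = 1 }
    /^Logging:/ { if ($2 == "off") print "FINDING: logging is off" }
    # The first policy on the Default line is the incoming one.
    /^Default:/ { if ($2 != "deny" && $2 != "reject")
                    print "FINDING: default incoming policy is " $2 ", expected deny" }
    # An SSH rule appears as 22, 22/tcp or the OpenSSH application profile.
    /(ALLOW|LIMIT)/ && ($1 == "22" || $1 == "22/tcp" || $1 == "OpenSSH") { ssh = 1 }
    END {
      if (!seen || inactive) { print "FINDING: firewall is not active"; exit }
      if (!ssh) print "FINDING: no rule allows SSH, remote access would be cut off"
    }')
  if [ -n "$findings" ]; then printf "%s\n" "$findings"; return 1; fi
  echo "OK: firewall state matches the documented policy"
}

# Constructed sample outputs (not captured from a real host).
GOOD_STATUS='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
80/tcp                     ALLOW IN    Anywhere
443/tcp                    ALLOW IN    Anywhere
Anywhere                   ALLOW IN    192.168.1.0/24
23/tcp                     DENY IN     Anywhere'

BAD_STATUS='Status: active
Logging: off
Default: allow (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW IN    Anywhere
8080/tcp                   ALLOW IN    Anywhere'

printf '%s\n' "$GOOD_STATUS" | audit_ufw_status
printf '%s\n' "$BAD_STATUS"  | audit_ufw_status || true
# On a live host: sudo ufw status verbose | audit_ufw_status
```

The non-zero return on findings lets the check run from cron or a provisioning script and fail loudly when the firewall drifts from the documented rules.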
Step 11: Document Your Setup
Document all the rules you have added to UFW. This can be a simple text file listing each rule:
bash
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
sudo ufw allow from 192.168.1.0/24
sudo ufw deny 23/tcp
2. Configuration Details:
Document the configuration details of your firewall, including default policies and any logging
or application profiles used.
You have successfully set up and configured a firewall on your Ubuntu system using UFW. This
setup will help protect your network from unauthorized access and potential threats. Continue to
refine your firewall rules based on your network's needs and monitor the logs for any suspicious