Hello friends. If you have a server or a computer you need a Firewall to add an extra layer of security to your system. With a Firewall, you can open ports on Ubuntu / Debian or any other system and control what accesses your computer. Well in this post, we will help you with that.
UFW: An easier way to have a Firewall on Ubuntu / Debian
By default, the Linux firewall is IPTables. Although it is a very efficient and flexible application, the truth is that it is not easy to manage. Therefore, the community has created equally effective but easier to use alternatives such as UFW.
In short, UFW stands for Uncomplicated Firewall and is a kind of Front-end for IPTables but dedicated to Ubuntu / Debian. With it, you can set up rules and open ports quickly and easily on the system.
When you turn UFW on, it uses a default set of rules (profile) that should be fine for the average home user. In short, all ‘incoming’ is being denied, with some exceptions to make things easier for home users. However, all these settings can be changed and adapted to your needs.
One of the basic and necessary operations we can do with UFW is to open ports. This is necessary when we want an application or service to be able to use our network, either for incoming or outgoing connections.
So, let’s show you how to open ports in Ubuntu / Debian using UFW.
Enabling UFW on Ubuntu / Debian
We are told in the official UFW documentation that UFW is disabled by default. So, we can check this by running the following command
sudo ufw status
You will most likely get an output screen similar to this one
Status: inactive
So, the first step before working with UFW is to enable it. To do this, run
sudo ufw enable
You should get an output screen similar to this one
he firewall is active and enabled on system startup
If you check the status of the service again then you should get the following output
Status: active
With this, we now have UFW active on the system. Now we can start working with it and open the ports we need.
Open ports in Ubuntu / Debian with UFW
With UFW we can start opening ports. There are several ways to do this, but all of them are equally easy to do.
Before starting it is always good to be careful with the ports you are going to open. Many applications can use it and thus have an important security breach.
So, if your computer runs database services, SSH or FTP, you may need to open ports otherwise I don’t recommend it.
Let’s go for it.
To open a port with UFW we have to follow this basic syntax
sudo ufw allow <port>
For example, if we want to open the port 80 which is where HTTP works
sudo ufw allow 80
You will get an output screen similar to this one
Rule added Rule added (v6)
In this case port 80 has been opened in both TCP and UDP protocols.
Also, it is possible to specify the protocol and port to be opened. This is very useful to further control the traffic.
If, for example, you want to open port 85 but only for the TCP protocol then you have to run
sudo ufw allow 85/tcp
Or in the case of UDP
sudo ufw allow 85/udp
In both cases, you will get an output screen similar to this one
Rule added Rule added (v6)
Open ports in Ubuntu / Debian by specifying the system service
Some services and profiles are defined in UFW. These services use a specific port, so we can also open ports using this method. The difference is that we have to know which port each service uses, so if you are just starting with Linux, it may not be convenient.
So, to open ports using this method, we need to use this syntax
sudo ufw allow <service-name>
For example,
sudo ufw allow shh
And you will get the following output
Rule added Rule added (v6)
So, in this case, it will open port 22 which is the port used by SSH.
If you want to know which are the other services you can use, you can check them by clicking on the following link
less /etc/services
That’s how simple it is to do
Deny access to ports
Now I will show you the reverse process. The syntax is similar and we just need to change allow to deny for example.
sudo ufw deny 80
And in this case, port 80 is restricted on both TCP and UDP.
Also, you can specify the protocol in a similar way to the above process.
sudo ufw deny 80/tcp
Or
sudo ufw deny 80/udp
Similarly, you can do the same for the
sudo ufw deny shh
So, this way you can handle UFW.
Conclusion
Opening ports in Ubuntu / Debian is easy thanks to UFW and in this post, we have explained how to do it so you can have more power over the system.
