ufw Configuration

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
21 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
21
Video Transcription
00:00
>> Hello Cybrarians, welcome back to
00:00
the Linux plus course here at Cybrary.
00:00
I'm your instructor Rob Goelz,
00:00
and in today's lesson, we're going to
00:00
do some ufw configuration.
00:00
Upon completion of today's lesson,
00:00
you're going to be able to understand how
00:00
ufw implements firewall configuration.
00:00
We're going to use the ufw command to modify
00:00
firewall rules in our demo at the end of the lesson.
00:00
Ufw is the uncomplicated firewall.
00:00
It's also sometimes called
00:00
the Ubuntu firewall because it's
00:00
the default implementation for firewall in Ubuntu.
00:00
Like firewall, the ufw is
00:00
just an interface a net filter,
00:00
remember net filter is what does all the heavy lifting
00:00
when it comes to dealing with
00:00
the firewall stuff in the kernel.
00:00
Now for ufw default policies are
00:00
found in etc/default/ufw.
00:00
But we can also set custom rules.
00:00
Custom rules are set up in the etc/ufw directory.
00:00
Now one of the nice thing about ufw rules is that they
00:00
don't have to be reloaded
00:00
and they are persistent by default.
00:00
By comparison to IP tables and firewall D,
00:00
we don't have to save anything soon as we set
00:00
a rule in ufw is good to go is persistent.
00:00
We don't have to worry about it getting lost on reboot.
00:00
Now the ufw command is
00:00
what we actually use to work with ufw.
00:00
By default you ufw is disabled.
00:00
We actually have to start and enable
00:00
it using ufw enable command.
00:00
Keep in mind here we're not working with system CTL.
00:00
Ufw has its own thing.
00:00
It has its own control commands.
00:00
Ufw to start,
00:00
enable, we can do ufw to disable,
00:00
ufw that's going to stop it and disable it
00:00
just like enable starts and enables.
00:00
We have reset which completely clears the boards.
00:00
It disables the ufw,
00:00
it stops it, and it clears out any and all rules.
00:00
That's an optional last resort.
00:00
You're going to be reloading rules if
00:00
you run that or we could
00:00
do ufw reload to reload the firewall.
00:00
We can also do ufw status
00:00
to display the current firewall state,
00:00
and it will also display any
00:00
>> kinds of rules that are put in place.
00:00
>> Talking about doing rules,
00:00
in ufw there's actually called policies.
00:00
We create or modify ufw policies.
00:00
We can allow one by doing ufw allow and then
00:00
providing identifier like a name
00:00
of an application or a port.
00:00
We can do ufw deny to deny or drop packets,
00:00
and then we could do ufw reject to reject
00:00
packets and provide a message
00:00
back as to why they were rejected.
00:00
Let's have a look at all this with some demo time.
00:00
Here we are in our demo environment
00:00
and the first thing that we're going to have to
00:00
do is a sudo ufw enable.
00:00
When I type in my password this is going to
00:00
go ahead and start and enable the system.
00:00
Let's try that again. There we go.
00:00
Firewall is active and enabled on system startup.
00:00
Now, this is running and when we
00:00
reboot we won't have to worry
00:00
>> about this getting cut off.
00:00
>> It's going to keep running.
00:00
Like I said, we can see
00:00
>> that we have enabled by default,
00:00
>> by doing sudo, ufw status.
00:00
We can see the status is active and we
00:00
also see some rules that are in place.
00:00
On this particular system,
00:00
we have 80 TCP and engine X setup.
00:00
Basically, it's just a web server. Well,
00:00
let's go ahead and allow ssh.
00:00
We're going to need ssh if we want
00:00
to land on this thing remotely.
00:00
There's sudo ufw allow ssh, and that's added.
00:00
Now we can do a status and we'll see that this
00:00
is active and is provided here.
00:00
Now if I were to reboot from
00:00
here, it would just come back up.
00:00
It's persistent, we don't have to
00:00
save anything. We're good to go.
00:00
Now, let's see the new status
00:00
and also get verbose output so we can do
00:00
a sudo ufw, status verbose.
00:00
Now we can see a little bit more information.
00:00
We can see information on the default settings.
00:00
We can also see the actions.
00:00
Give a little bit more detail,
00:00
and we can also see that there
00:00
are some more information on the port.
00:00
Instead of just seeing engine X fall, for example,
00:00
we see that that means that it's enabling
00:00
ports 80 as well as 443 across TCP.
00:00
We can also see that any rules that have been
00:00
added by using another command,
00:00
let's clear our screen first.
00:00
I'm just going to type clear. You can also
00:00
do Control L to clear your screen.
00:00
I'm going to do sudo ufw show added.
00:00
These are the added rules that have just been added.
00:00
We can do ufw status to see all
00:00
of the running firewall stuff,
00:00
but these are just the specific rules that are there.
00:00
We can also see these numbers.
00:00
We could do sudo ufw status numbered.
00:00
Now we can see the numbers of the rules.
00:00
Now, this is helpful because if you want to
00:00
delete a rule by number, you can do that.
00:00
Use sudo ufw, delete.
00:00
and we're going to say six.
00:00
We're going to say yes. Now if we run another status,
00:00
we can see that we only have what we started with here.
00:00
We've deleted our TCP version 6 IPV6.
00:00
If he wanted to, we could also delete three.
00:00
Now we'll see we're back to where we started.
00:00
We only have the web server stuff
00:00
and nothing else. That's it.
00:00
With that, we reached the end of the lesson.
00:00
In this lesson, we covered how
00:00
ufw implements firewall configuration.
00:00
Remember etc/default/ufw
00:00
>> is the default policy location.
00:00
>> We can also set custom rules in etc/ufw,
00:00
and then we can also use the ufw command to
00:00
create and modify firewall rules.
00:00
Thanks so much for being here and I look
00:00
forward to seeing you in the next lesson.
Up Next