{"id":4499,"date":"2021-02-15T10:40:26","date_gmt":"2021-02-15T10:40:26","guid":{"rendered":"https:\/\/linuxways.net\/?p=4499"},"modified":"2021-02-15T10:44:12","modified_gmt":"2021-02-15T10:44:12","slug":"how-to-easily-manage-firewall-rules-with-ufw-on-red-hat-enterprise-linux-8","status":"publish","type":"post","link":"https:\/\/linuxways.net\/de\/red-hat\/how-to-easily-manage-firewall-rules-with-ufw-on-red-hat-enterprise-linux-8\/","title":{"rendered":"How to Easily Manage Firewall Rules with UFW on Red Hat Enterprise Linux 8"},"content":{"rendered":"

UFW stands for Uncomplicated FireWall — and as the name implies, it makes firewall management very easy. UFW was developed by Canonical and is available by default on all recent Ubuntu versions. In this guide, we are going to install UFW on Red Hat Enterprise Linux (RHEL) 8 through Snaps.<\/p>\n

Snaps can be likened to containers for packaging applications with everything that they require to run successfully across multiple Linux distributions. To use snaps, you must install snapd.<\/p>\n

Install Snapd<\/h2>\n

Snapd is a background process that manages snaps. To install snapd on RHEL 8, you would first need to add the Extra Packages for Enterprise Linux (EPEL) repository as follows.<\/p>\n

$ sudo dnf install https:\/\/dl.fedoraproject.org\/pub\/epel\/epel-release-latest-8.noarch.rpm<\/strong><\/pre>\n
<\/strong><\/p>\n
When prompted, enter y<\/strong> to continue. Once the EPEL installation completes successfully, run the next command to update packages to the latest version.<\/p>\n
$ sudo dnf upgrade<\/strong><\/pre>\n
<\/strong><\/p>\n
You may now install snapd as follows.<\/p>\n
$ sudo yum install snapd<\/strong><\/pre>\n
\"Install<\/p>\n
When prompted, enter y <\/strong>to proceed with the installation.<\/p>\n
After the snapd installation completes successfully, run the next command to enable snapd.socket which manages snap communications.<\/p>\n
$ sudo systemctl enable --now snapd.socket<\/strong><\/pre>\n
<\/strong><\/p>\n
You should see a message indicating that a symlink was created.<\/p>\n
You may now log out and log in again so that snap\u2019s paths can be updated.<\/p>\n
Install UFW<\/h2>\n
The following command will install UFW on RHEL 8.<\/p>\n
$ sudo snap install ufw<\/strong><\/pre>\n
<\/strong><\/p>\n
Once installed, run the next command to check the status of UFW.<\/p>\n
$ sudo ufw status<\/strong><\/pre>\n
Note: <\/strong>If you get an error saying, \u201cufw: command not found,\u201d it may be a problem with ufw\u2019s paths. As a workaround, run the command below to create a symbolic link to \/var\/lib\/snapd\/snap\/bin\/ufw<\/strong> from \/usr\/bin\/ufw<\/strong>. After that, try to check the status of ufw again and it should work fine.<\/p>\n
$ sudo ln -s \/var\/lib\/snapd\/snap\/bin\/ufw \/usr\/bin\/ufw<\/strong><\/pre>\n
<\/strong><\/p>\n
To enable UFW and configure it to always start at system boot, run:<\/p>\n
$ sudo ufw enable<\/strong><\/pre>\n
<\/strong><\/p>\n
If your goal is to replace the built-in firewalld in RHEL 8 with UFW, then you may want to disable firewalld by running the following commands.<\/p>\n
$ sudo systemctl stop firewalld <\/strong>\n\n$ sudo systemctl disable firewalld<\/strong><\/pre>\n
<\/strong><\/p>\n
By default, UFW denies all incoming traffic and allows outgoing traffic. However, you can change this default behaviour if you wish. To deny outgoing traffic for example, run:<\/p>\n
$ sudo ufw default deny outgoing<\/strong><\/pre>\n
Run the next command to list UFW application profiles.<\/p>\n
$ sudo ufw app list<\/strong><\/pre>\n
<\/strong><\/p>\n
For instance, to deny access to Bonjour<\/strong>, the following command would suffice.<\/p>\n
$ sudo ufw deny Bonjour<\/strong><\/pre>\n
<\/strong><\/p>\n
You could also specify port numbers to allow or deny traffic on as follows.<\/p>\n
$ sudo ufw deny 25<\/strong><\/pre>\n
<\/strong><\/p>\n
$ sudo ufw allow 22<\/strong><\/pre>\n
<\/strong><\/p>\n
Here\u2019s another example that allows traffic on TCP port 80.<\/p>\n
$ sudo ufw allow 80\/tcp<\/strong><\/pre>\n
<\/strong><\/p>\n
After adding your firewall rules, you may run the next command to see detailed information about the status of UFW.<\/p>\n
$ sudo ufw status verbose<\/strong><\/pre>\n
<\/strong><\/p>\n
To view additional usage information for UFW, run:<\/p>\n
$ ufw --help<\/strong><\/pre>\n
<\/strong><\/p>\n
You could also review the official UFW manual pages at the following link.<\/p>\n
http:\/\/manpages.ubuntu.com\/manpages\/hirsute\/en\/man8\/ufw.8.html<\/a><\/pre>\n
Conclusion<\/h2>\n
As you have seen, getting started with UFW on Red Hat Enterprise Linux 8 is not difficult. UFW may not be intended to provide complete firewall functionality, but it does provide an easy way to create and manage simple firewall rules. Share your thoughts with us.<\/p>","protected":false},"excerpt":{"rendered":"
UFW stands for Uncomplicated FireWall — and as the name implies, it makes firewall management very easy. UFW was developed by Canonical and is available by default on…<\/p>","protected":false},"author":28,"featured_media":4515,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[165],"tags":[197,198,196],"class_list":["post-4499","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-red-hat","tag-firewall","tag-red-hat-enterprise-linux-8","tag-ufw"],"_links":{"self":[{"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/posts\/4499","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/users\/28"}],"replies":[{"embeddable":true,"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/comments?post=4499"}],"version-history":[{"count":0,"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/posts\/4499\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/media\/4515"}],"wp:attachment":[{"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/media?parent=4499"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/categories?post=4499"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/linuxways.net\/de\/wp-json\/wp\/v2\/tags?post=4499"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}