Debian

How to Install and Setup Firewall With UFW on Debian 12

How to Install and Setup Firewall on Debian 12

Every internet-connected device needs a Firewall for security. The Firewall in Linux is a network security system that blocks the incoming and outgoing traffic to secure the network. It filters the dangerous traffic based on predefined rules to protect the device from any unauthorized access. It can be used to block and allow specific ports, IP addresses, and services.

Debian has iptables, nftables, and firewalld that contain the Firewall rules and are used to configure the Firewall of the network. UFW is the best alternative to these utilities since these utilities have quite complex syntax. Using UFW, you can easily manage both incoming and outgoing traffic by defining different rules.

Quick Outline

 

What is UFW

UFW is a tool in Linux that manages the Netfilter firewall and is known as an Uncomplicated Firewall. As the name suggests, the UFW provides the easy-to-use command line interface to manage the firewall on your system. It uses the simple command and iptables for configuration and protects your system from external attacks by blocking the connections. You can add and delete rules to create IPv4 and IPv6 based firewalls on your Debian system.

You can install and setup UFW on your Debian through both the terminal and GUI-based application of UFW known as gufw. In the next section of this post, we will demonstrate these two mentioned approaches in detail.

 

How to Install UFW on Debian 12 Using CLI

On most Linux-based distributions, the UFW comes pre-installed, if it is not, you can install it from the official repository. You will need sudo privileges to install and set up the firewall on Debian. Follow these steps to install UFW on Debian 12:

Step 1: It is recommended to upgrade your repository before installing any package:

sudo apt update && sudo apt upgrade

Step 2: Next, install UFW on Debian from the official repository using the following command:

sudo apt install ufw -y

Step 3: Verify the installation by running the version command on the terminal:

sudo ufw --version

 

How to Setup Firewall with UFW on Debian 12 Using CLI

Once you have installed UFW on your system, it is important to properly configure it. To protect our system from unauthorized access, we can do customization in port addresses and protocols. We have discussed the various aspects of configuring the UFW below:

 

1: Configure UFW to Support IPv6

You can customize the settings of the UFW file to make it support both IPv4 and IPv6. To do so, access the configuration file using the nano editor through the execution of the following command:

sudo nano /etc/default/ufw

Look for the line IPV6 and set the “IPV6=yes”, save the file using Ctrl + X, add Y and press Enter to close it.

After editing the file, execute the below command to restart the UFW:

sudo ufw reload

2: Enable UFW

To enable UFW on Debian, write out the following simple command on your terminal:

sudo ufw enable

3: Disable UFW

It is not recommended to disable UFW on Debian; however, if you want to disable it sometimes for troubleshooting purposes then you can run the following command:

sudo ufw disable

 

4: Check Application Profiles With UFW

All the application profiles of the packages installed with apt on your Debian are stored in the etc/ufw/applications.d directory. To display the applications with UFW, execute the following command:

sudo ufw app list

To view the information about a specific package, use the info flag followed by the name of the package:

sudo ufw app info <package name>

Example: I want to view the information about KTorrent:

sudo ufw app info KTorrent

 

5: Allow, Deny, and Limit Traffic of Specific Port with UFW

In Debian, you can use the name of the port number to allow or permit the traffic. For example, to enable the incoming connections for port 22, namely SSH, we will run one of the below-mentioned commands:

sudo ufw allow 22

OR

sudo ufw allow ssh

To deny the incoming connections for port 22, execute the following command:

sudo ufw deny 80

To limit the traffic of the port, use the limit argument with the ufw command:

sudo ufw limit ssh

 

6: Deal With Particular IP Using UFW

UFW allows you to define rules to allow or deny particular IP addresses to access your system. For instance, to allow incoming connections from IP address 192.168.2.0, write out the following command on the terminal:

sudo ufw allow from 192.168.2.0

You can also create a rule to allow or prevent the IP address from connecting to the server through the specified port using the below syntax:

sudo ufw allow from <IP> to any port <port number>

For example, to allow 192.168.2.0 to connect to the server using port 44, execute the following command:

sudo ufw allow from 192.168.2.0 to any port 44

7: Check the Status of UFW

The following command will display the status of UFW with all the rules on the screen:

sudo ufw status

To get more details about the rules, you can execute the verbose command:

sudo ufw status verbose

 

8: Restart UFW

After making changes in the rules to secure your system, you can restart the UFW in Debian through the following command:

sudo systemctl restart ufw

9: Setup Default UFW Policy

You can also set the UFW configurations to the default rules to improve its efficiency. When you install the UFW on your system, all outgoing connections are allowed and all incoming connections are blocked for your system. To do so, first, execute the following command to allow the outgoing connections:

sudo ufw default allow outgoing

Next, run the below command to block all incoming connections:

sudo ufw default deny incoming

 

10: Delete Rules of UFW

There are two approaches for deleting a rule: one is through rule numbers and the other is using the port number. To delete a rule using a numeric number, first, get the number of the rule using the below-mentioned command:

sudo ufw status numbered

Then use the following syntax to delete a firewall rule:

sudo ufw delete <rule number>

Example: The following command will delete the firewall rule set at 4:

sudo ufw delete 4

You can verify the deletion of the rule using the status command.

The second approach is using the port number for deleting the rule. The fundamental syntax of rule deletion using the port number is:

sudo ufw delete [port number]

Example: The following command will delete the firewall rule allow 22:

sudo ufw delete allow 22

The rule that allows the connection from port 22 has been deleted:

You can also delete all the rules of the firewall by using the reset command:

sudo ufw reset

It will disable the UFW on Debian and delete all the rules you have previously defined.

In the next section, we will discuss the installation and configuration of UFW on Debian 12 using the graphical application of UFW known as gufw.

 

How to Install Graphical Application of UFW on Debian 12

The graphical application for UFW is gufw and it comes pre-installed on most of the Linux distributions. It allows users to manage the firewall rules with minimal effort. If it is not installed on your system, then run the following command to install it:

sudo apt install gufw -y

The gufw is successfully installed on your Debian.

 

How to Setup Firewall with UFW on Debian 12 Using GUI

To launch the application, navigate to Activities, search gufw, and open the Firewall configuration application:

Enter the password to continue and the homepage of the gufw will appear on your screen. Here you can choose different options to customize the settings of the firewall with UFW:

You can see the following options on your screen:

1: Status

Turn the toggle ON and OFF to enable and disable the firewall on Debian:

2: Incoming

Click on the arrow to allow or deny the incoming connections:

3: Outgoing

Click on the arrow next to Outgoing to allow or deny the outgoing connections:

 

How to Uninstall UFW on Debian 12

Use the following command to uninstall the UFW with all its configuration files on Debian 12:

sudo apt purge ufw -y

Run the following command on the terminal to delete the gufw from Debian 12:

sudo apt purge gufw -y

The UFW and gufw have been successfully removed from Debian 12.

 

Conclusion

On Debian, the Firewall is a security system that keeps track of both incoming and outgoing traffic. The UFW is a simple command line tool that manages the Netfilter Firewall and controls the network connections based on predefined rules. You can customize the rules using the numerous available options that we have discussed in this guide. The UFW also has a GUI-based application known as gufw for managing the firewall of the system. We have also discussed the installation procedure and the customization options of the application in the above section of the post.

Similar Posts