Every internet-connected device needs a Firewall for security. The Firewall in Linux is a network security system that blocks the incoming and outgoing traffic to secure the network. It filters the dangerous traffic based on predefined rules to protect the device from any unauthorized access. It can be used to block and allow specific ports, IP addresses, and services.
Debian has iptables, nftables, and firewalld that contain the Firewall rules and are used to configure the Firewall of the network. UFW is the best alternative to these utilities since these utilities have quite complex syntax. Using UFW, you can easily manage both incoming and outgoing traffic by defining different rules.
Quick Outline
- What is UFW
- How to Install UFW on Debian 12 Using CLI
- How to Setup Firewall With UFW on Debian 12 Using CLI
- How to Install Graphical Application of UFW on Debian 12
- How to Setup Firewall with UFW on Debian 12 Using GUI
- How to Uninstall UFW on Debian 12
- Conclusion
What is UFW
UFW is a tool in Linux that manages the Netfilter firewall and is known as an Uncomplicated Firewall. As the name suggests, the UFW provides the easy-to-use command line interface to manage the firewall on your system. It uses the simple command and iptables for configuration and protects your system from external attacks by blocking the connections. You can add and delete rules to create IPv4 and IPv6 based firewalls on your Debian system.
You can install and setup UFW on your Debian through both the terminal and GUI-based application of UFW known as gufw. In the next section of this post, we will demonstrate these two mentioned approaches in detail.
How to Install UFW on Debian 12 Using CLI
On most Linux-based distributions, the UFW comes pre-installed, if it is not, you can install it from the official repository. You will need sudo privileges to install and set up the firewall on Debian. Follow these steps to install UFW on Debian 12:
Step 1: It is recommended to upgrade your repository before installing any package:
Step 2: Next, install UFW on Debian from the official repository using the following command:
Step 3: Verify the installation by running the version command on the terminal:
How to Setup Firewall with UFW on Debian 12 Using CLI
Once you have installed UFW on your system, it is important to properly configure it. To protect our system from unauthorized access, we can do customization in port addresses and protocols. We have discussed the various aspects of configuring the UFW below:
- Configure UFW to Support IPV6
- Enable UFW
- Disable UFW
- Check Application Profiles With UFW
- Allow, Deny, and Limit Traffic of Specific Port with UFW
- Deal With Particular IP Using UFW
- Check the Status of UFW
- Restart UFW
- Setup Default UFW Policy
- Delete Rules of UFW
1: Configure UFW to Support IPv6
You can customize the settings of the UFW file to make it support both IPv4 and IPv6. To do so, access the configuration file using the nano editor through the execution of the following command:
Look for the line IPV6 and set the “IPV6=yes”, save the file using Ctrl + X, add Y and press Enter to close it.
After editing the file, execute the below command to restart the UFW:
2: Enable UFW
To enable UFW on Debian, write out the following simple command on your terminal:
3: Disable UFW
It is not recommended to disable UFW on Debian; however, if you want to disable it sometimes for troubleshooting purposes then you can run the following command:
4: Check Application Profiles With UFW
All the application profiles of the packages installed with apt on your Debian are stored in the etc/ufw/applications.d directory. To display the applications with UFW, execute the following command:
To view the information about a specific package, use the info flag followed by the name of the package:
Example: I want to view the information about KTorrent:
5: Allow, Deny, and Limit Traffic of Specific Port with UFW
In Debian, you can use the name of the port number to allow or permit the traffic. For example, to enable the incoming connections for port 22, namely SSH, we will run one of the below-mentioned commands:
OR
To deny the incoming connections for port 22, execute the following command:
To limit the traffic of the port, use the limit argument with the ufw command:
6: Deal With Particular IP Using UFW
UFW allows you to define rules to allow or deny particular IP addresses to access your system. For instance, to allow incoming connections from IP address 192.168.2.0, write out the following command on the terminal:
You can also create a rule to allow or prevent the IP address from connecting to the server through the specified port using the below syntax:
For example, to allow 192.168.2.0 to connect to the server using port 44, execute the following command:
7: Check the Status of UFW
The following command will display the status of UFW with all the rules on the screen:
To get more details about the rules, you can execute the verbose command:
8: Restart UFW
After making changes in the rules to secure your system, you can restart the UFW in Debian through the following command:
9: Setup Default UFW Policy
You can also set the UFW configurations to the default rules to improve its efficiency. When you install the UFW on your system, all outgoing connections are allowed and all incoming connections are blocked for your system. To do so, first, execute the following command to allow the outgoing connections:
Next, run the below command to block all incoming connections:
10: Delete Rules of UFW
There are two approaches for deleting a rule: one is through rule numbers and the other is using the port number. To delete a rule using a numeric number, first, get the number of the rule using the below-mentioned command:
Then use the following syntax to delete a firewall rule:
Example: The following command will delete the firewall rule set at 4:
You can verify the deletion of the rule using the status command.
The second approach is using the port number for deleting the rule. The fundamental syntax of rule deletion using the port number is:
Example: The following command will delete the firewall rule allow 22:
The rule that allows the connection from port 22 has been deleted:
You can also delete all the rules of the firewall by using the reset command:
It will disable the UFW on Debian and delete all the rules you have previously defined.
In the next section, we will discuss the installation and configuration of UFW on Debian 12 using the graphical application of UFW known as gufw.
How to Install Graphical Application of UFW on Debian 12
The graphical application for UFW is gufw and it comes pre-installed on most of the Linux distributions. It allows users to manage the firewall rules with minimal effort. If it is not installed on your system, then run the following command to install it:
The gufw is successfully installed on your Debian.
How to Setup Firewall with UFW on Debian 12 Using GUI
To launch the application, navigate to Activities, search gufw, and open the Firewall configuration application:
Enter the password to continue and the homepage of the gufw will appear on your screen. Here you can choose different options to customize the settings of the firewall with UFW:
You can see the following options on your screen:
1: Status
Turn the toggle ON and OFF to enable and disable the firewall on Debian:
2: Incoming
Click on the arrow to allow or deny the incoming connections:
3: Outgoing
Click on the arrow next to Outgoing to allow or deny the outgoing connections:
How to Uninstall UFW on Debian 12
Use the following command to uninstall the UFW with all its configuration files on Debian 12:
Run the following command on the terminal to delete the gufw from Debian 12:
The UFW and gufw have been successfully removed from Debian 12.
Conclusion
On Debian, the Firewall is a security system that keeps track of both incoming and outgoing traffic. The UFW is a simple command line tool that manages the Netfilter Firewall and controls the network connections based on predefined rules. You can customize the rules using the numerous available options that we have discussed in this guide. The UFW also has a GUI-based application known as gufw for managing the firewall of the system. We have also discussed the installation procedure and the customization options of the application in the above section of the post.
Hi there! I am a Bioinformatician and a technical content writer. My passion for Linux motivates me to explore various dimensions of Linux OS and write for Linuxways. By combining my skills and IT knowledge, I craft user-friendly and engaging content that helps others to understand complex topics.