Kali Linux is an open-source robust operating system that people widely use to perform tasks like penetration testing, reverse engineering, network troubleshooting and more. Kali Linux, like other Linux operating systems, is known to be resilient against the cyber threat. However, that doesn’t mean the system privacy and security cannot be compromised. You should adopt precautionary measures to make it hard for an unauthorized user to enter your system.
To help you with that, there is a network security system called Firewall that is widely used for managing and monitoring the incoming and outgoing connections on your system. With Firewall, you can filter the incoming and outgoing traffic based on some predefined rules. It acts as a bridge between your trusted network and an untrusted network like the Internet, and allows and denies those connections that don’t meet the requirement of a specified rule.
In this guide, you will learn:
- How to Install and Setup Firewall on Kali Linux
- How to Use Firewall on Kali Linux
- How to Delete a Specific Firewall Rule on Kali Linux
- How to Reset Firewall Settings and Rules on Kali Linux
- Bonus Method: How to Install Firewall GUI (GUFW) on Kali Linux
- Conclusion
How to Install and Setup Firewall on Kali Linux
To set up Firewall on your Kali Linux system, you need to ensure it is installed on your system. By default, Firewall is not installed on the Kali Linux system, but with the apt repository, you can install the Firewall package called UFW on the system. To install and setup Firewall on Kali Linux, follow the below-given steps:
Step 1: Update Kali Linux Repository
Since, the Firewall package is installed from the apt repository, it is recommended to update your repository from the below-given command to ensure installing the up-to-date packages on Kali Linux:
Step 2: Install Firewall on Kali Linux
After you updated the repository, you can use the following command to install Firewall (UFW) on your Kali Linux system:
Step 3: Enable Firewall on Kali Linux
After installing the Firewall, you can enable it from the following command so that it will be automatically activated on the system startup:
Step 4: Check Firewall Status on Kali Linux
If you want to check the Firewall status on Kali Linux system, you can use the provided command:
Step 5: Check Verbose Firewall Status
If you want to check for detailed information about Firewall status on Kali Linux, you can simply run the below-given command
From the above command, you will be able to see the connection, login, incoming and outgoing, and profile status of Firewall.
How to Use Firewall on Kali Linux
There are different uses of Firewall on a system, some of the widely used one are to:
How to Allow and Deny Traffic to Kali Linux System
With Firewall installed on Kali Linux, you can allow and deny traffic to your system. It can be done in different ways, such as:
- Allow and Deny Traffic By Port Number
- Allow and Deny Traffic By Service Name
- Allow and Deny Traffic By IP Address
How to Allow and Deny Traffic to Kali Linux By Port Number
If you want to allow connection to Kali Linux system by port number, you can use the following syntax:
Replace port_no with the port you choose for allowing the incoming connection to Kali Linux.
To deny a connection from a specific port number on Kali Linux with Firewall, simply use the following syntax:
Besides assigning only the port number, it is recommended to use TCP or UDP protocol after the port number. The reason is different applications use different protocols for the same port number. So, if you specify the port number with the protocol, it will tell the Firewall to allow or deny connection for that port operating on a specific protocol.
For example, the port 80 is commonly used for HTTP (TCP) and QUIC (UDP), but if you want to allow only the port with HTTP (TCP) protocol, you can use 80/tcp instead of 80:
To see the Firewall rule set by you on your system, you can use the following command:
Further, you can also allow or deny traffic for a certain range of ports on your Kali Linux system, it can be done by using the following syntax:
sudo ufw deny 85:90/tcp
How to Allow and Deny Traffic By Service Name on Kali Linux
Besides using the port number, you can also allow and deny traffic on the Kali Linux system by the service name. For example, to allow the traffic for SSH service on Kali Linux, you can use the below-given command:
For denying a specific service on Kali Linux using the service name, such as SSH, use the following command:
How to Allow and Deny Traffic By IP Address on Kali Linux
If you want to allow traffic on Kali Linux system from a certain IP address, you can use the following syntax:
To deny the traffic of a certain IP address on a system, use the below-given command:
How to Create Custom Rules for Different Network Interfaces and IP Addresses on Kali Linux
You can use Firewall on Kali Linux to create custom rules for different network interfaces and IP Addresses. For example, if you want to allow incoming SSH connection on interface eth0 with the default SSH port number 22, you can use the following command:
To block the connection, use deny instead of allow in the above command.
If you want to create a custom Firewall rule for a specific IP address, such as allowing the IP address to use the default port 22 for SSH, use the following syntax:
Note: Ensure replacing the IP_address, port number and tcp protocol according to your choice.
How to Delete a Specific Firewall Rule on Kali Linux
If you have set up multiple Firewall rules and want to delete some of them, you can do it quite easily. For that purpose, first check for Firewall rules numbers using the following command:
Then use the following syntax to delete a specific Firewall rule from the list:
Here, I am deleting Firewall rule place at position 9. When you are going to delete the rule, it will ask for approval, do it by entering y in the option box:
Once done, it will delete the specific Firewall rule from your system:
How to Reset Firewall Settings and Rules on Kali Linux
If you want to delete all the Firewall settings and rules you set on Kali Linux, you can use the below-given command:
It will ask for approval, simply type y in the option box:
This will delete all the Firewall settings and rules, keeping the Firewall to the default settings:
Note: After resetting the Firewall, you have to enable Firewall again on your system and then set rules according to your choice later on.
Bonus Method: How to Install Firewall GUI (GUFW) on Kali Linux
The developers have also created a GUI interface of Firewall called GUFW to ease users in setting up the Firewall directly from the desktop. The GUFW package can be installed directly from the apt repository using the below-given command:
After installing the Firewall GUI, you can open it from the terminal using the sudo gufw command or from the Application launcher by searching the app.
This will open the Firewall GUI application on your Kali Linux system.
You can then enable the Firewall from the GUI using the toggle button and set incoming, outgoing connections as well as separately set rules for your connection.
How to Remove UFW and GUFW from Kali Linux
If you want to remove UFW and GUFW from your Kali Linux system in case you no longer need them, simply use the below-given command:
Conclusion
Setting up a Firewall is an important task since it will help manage your privacy by allowing or denying connections to your system. You can install and set up Firewall on Kali Linux by first installing the Firewall package (UFW) on your system from the apt command. Then, enable the Firewall service and use the ufw commands to allow or deny connections to your system.
You can manage connections with Firewall using the port number, service name and IP address of the network. Besides that, you can also create custom rules for network interfaces and IP addresses with Firewall. Further, you can delete or reset Firewall rules or set them to the default in case you no longer have them. All these methods are already provided in the above sections of this guide. Follow them and improve your Kali Linux security from the cyber threat.
By day, I am an engineer and researcher, building bridges and figuring out how the universe works. But when the clock strikes five, I turn into a wordsmith!
I write about my adventures on my blog, sharing tips and tricks to help others join the tech fun. I have worked on Raspberry Pi, Ubuntu, Debian, and Laptops. Right now, I have accepted the challenge of working on the Kali Linux system, and with my vast expertise in Linux systems, I will help users overcome the challenges through my blogs.