Data protection is a set of activities and techniques that you can use to ensure your data's confidentiality, accessibility, and integrity. It is a major concern of computer users nowadays, as your private data can be misused by third parties for fraud. To ensure data integrity, Linux allows you to configure a firewall and set its privacy according to your requirements.
A firewall is a type of network security software that checks entering and departing traffic on the network. In plain terminology, a firewall is a virtual barrier that is set up to prevent the least amount of damage from occurring. As a result, a barrier is put between safe and unsafe areas. Where your private networks are safe, and the internet, a large public network is dangerous. In this way, a firewall not only prevents malicious attacks on your server but also protects you from unwanted network communication.
Private network services are restricted based on several factors, such as connections, while public services can be left open and available on the internet. Internal services can be made completely inaccessible via the internet. In most of the configurations, access to ports that aren’t in use is completely blocked.
Here at Ibmi Media, we shall look into configuring your firewall to set data privacy on Ubuntu LTS 20.04.
Different ways of Configuring Your Linux Firewall to Protect Your Data Center on Ubuntu
We can configure the firewall of our system using both the command-line and graphical user interface:
- Configure Your Linux Firewall using GUFW.
- Configure Your Linux Firewall Using UFW.
a. Configure Your Linux Firewall using GUFW
GUFW is a graphical utility for uncomplicated firewalls. Follow the below steps:
1. Install gufw
To begin, open the Ubuntu Appstore, and in the search bar, type "gufw" and install the "firewall configuration" tool.
2. Launch GUFW
After successful installation, open activities, and in the search bar, type "gufw" and select the "firewall configuration" option.
3. Enable Firewall
To allow the firewall, simply turn it on from the status menu. All incoming connections are blocked by default, while all outgoing connections are permitted.
4. Add your own rules
Click on the "Rules" tab.
Now click on "+" to add your own rules.
A new window will appear. If you want to add any rule, add that rule and then click on the "Add" button.
b. Configure Your Linux Firewall Using UFW
UFW stands for "uncomplicated firewall". It is one of the command line approaches to configuring firewalls to protect data. It's simple to use and comes pre-installed in many Linux distributions. So do the following:
1. Check the status
By default, ufw is disabled in Ubuntu. Run the below-mentioned command to check its status:
$ sudo ufw status
2. Enable firewall
If the status is inactive, enter the below-mentioned command on the terminal to enable it:
$ sudo ufw enable
3. Check Existing App Rules
Run the below-mentioned command to check the list of apps that the firewall has rules for:
$ sudo ufw app list
4. Check open ports
You can look into which ports are open for those rules for "CUPS" by running the below-mentioned command:
$ sudo ufw app info CUPS
You can also change the name of the app according to your requirements in the above command.
In our case, Port 631 is available for "CUPS".
5. Create your own rules
Below, we will create some of my own rules. You can also change these rules according to your requirements.
i. Allowing access only from your PC to other devices
Firstly, you need to check the local IP address of your system with the below-mentioned command:
$ ip a
Now use this IP in the below-mentioned command to allow access from your PC to other devices:
$ sudo ufw allow from 10.0.2.15/24
ii. Allowing access from your PC to a certain port,
The below-mentioned command should be run on the terminal to allow port 80 from the PC:
$ sudo ufw allow from 10.0.2.15/24 to any port 80
Use the IP address of your PC.
iii. Allowing access from your PC to a certain range of ports,
Below is the syntax to allow access from your PC to a certain range of ports:
$ sudo ufw allow start-port:end-port/protocol
Run the below-mentioned command to allow access to ports 44000 and 48800 for TCP and UDP to use with torrent clients.
$ sudo ufw allow 44000:488000/tcp
$ sudo ufw allow 44000:488000/udp
iv. Disabling the mentioned rules
Firstly, again check the status of the firewall to see the rules added above by the below-mentioned command:
$ sudo ufw status numbered
To delete any rule, follow the below-mentioned syntax:
$ sudo ufw delete rule_number
The below-mentioned command will delete rule_number 1:
$ sudo ufw delete 1
v. Disabling the Firewall
If you want to delete all the new rules added and change the firewall back to its original configuration mode, then disable the firewall with the below-mentioned command:
$ sudo ufw disable
vi. Reseting the Firewall
Run the below-mentioned command to reset the configuration:
$ sudo ufw reset