Configure Your Linux Firewall to Best Protect Your Data Center - How to do it properly on Ubuntu LTS 20.04 ?


Data protection is a set of activities and techniques that you can use to ensure your data's confidentiality, accessibility, and integrity. It is a major concern of computer users nowadays, as your private data can be misused by third parties for fraud. To ensure data integrity, Linux allows you to configure a firewall and set its privacy according to your requirements.

A firewall is a type of network security software that checks entering and departing traffic on the network. In plain terminology, a firewall is a virtual barrier that is set up to prevent the least amount of damage from occurring. As a result, a barrier is put between safe and unsafe areas. Where your private networks are safe, and the internet, a large public network is dangerous. In this way, a firewall not only prevents malicious attacks on your server but also protects you from unwanted network communication.

Private network services are restricted based on several factors, such as connections, while public services can be left open and available on the internet. Internal services can be made completely inaccessible via the internet. In most of the configurations, access to ports that aren’t in use is completely blocked.

Here at Ibmi Media, we shall look into configuring your firewall to set data privacy on Ubuntu LTS 20.04.


Different ways of Configuring Your Linux Firewall to Protect Your Data Center on Ubuntu

We can configure the firewall of our system using both the command-line and graphical user interface:

  • Configure Your Linux Firewall using GUFW.
  • Configure Your Linux Firewall Using UFW.


a. Configure Your Linux Firewall using GUFW

GUFW is a graphical utility for uncomplicated firewalls. Follow the below steps:

1. Install gufw

To begin, open the Ubuntu Appstore, and in the search bar, type "gufw" and install the "firewall configuration" tool.


2. Launch GUFW

After successful installation, open activities, and in the search bar, type "gufw" and select the "firewall configuration" option.


3. Enable Firewall

To allow the firewall, simply turn it on from the status menu. All incoming connections are blocked by default, while all outgoing connections are permitted.


4. Add your own rules

Click on the "Rules" tab.

Now click on "+" to add your own rules.

A new window will appear. If you want to add any rule, add that rule and then click on the "Add" button.


b. Configure Your Linux Firewall Using UFW

UFW stands for "uncomplicated firewall". It is one of the command line approaches to configuring firewalls to protect data. It's simple to use and comes pre-installed in many Linux distributions. So do the following:


1. Check the status

By default, ufw is disabled in Ubuntu. Run the below-mentioned command to check its status:

$ sudo ufw status


2. Enable firewall

If the status is inactive, enter the below-mentioned command on the terminal to enable it:

$ sudo ufw enable


3. Check Existing App Rules

Run the below-mentioned command to check the list of apps that the firewall has rules for:

$ sudo ufw app list


4. Check open ports

You can look into which ports are open for those rules for "CUPS" by running the below-mentioned command:

$ sudo ufw app info CUPS

You can also change the name of the app according to your requirements in the above command.

In our case, Port 631 is available for "CUPS".


5. Create your own rules

Below, we will create some of my own rules. You can also change these rules according to your requirements.

i. Allowing access only from your PC to other devices

Firstly, you need to check the local IP address of your system with the below-mentioned command:

$ ip a

Now use this IP in the below-mentioned command to allow access from your PC to other devices:

$ sudo ufw allow from 10.0.2.15/24

ii. Allowing access from your PC to a certain port,

The below-mentioned command should be run on the terminal to allow port 80 from the PC:

$ sudo ufw allow from 10.0.2.15/24 to any port 80

Use the IP address of your PC.

iii. Allowing access from your PC to a certain range of ports,

Below is the syntax to allow access from your PC to a certain range of ports:

$ sudo ufw allow start-port:end-port/protocol

Run the below-mentioned command to allow access to ports 44000 and 48800 for TCP and UDP to use with torrent clients.

For TCP:

$ sudo ufw allow 44000:488000/tcp

For UDP:

$ sudo ufw allow 44000:488000/udp

iv. Disabling the mentioned rules

Firstly, again check the status of the firewall to see the rules added above by the below-mentioned command:

$ sudo ufw status numbered

To delete any rule, follow the below-mentioned syntax:

$ sudo ufw delete rule_number

The below-mentioned command will delete rule_number 1:

$ sudo ufw delete 1

v. Disabling the Firewall

If you want to delete all the new rules added and change the firewall back to its original configuration mode, then disable the firewall with the below-mentioned command:

$ sudo ufw disable

vi. Reseting the Firewall

Run the below-mentioned command to reset the configuration:

$ sudo ufw reset


[Need help in fixing Linux system firewall issues ? We can help you. ]


Conclusion

This article covers protecting our data center by configuring a firewall by using two approaches; configure your Linux firewall using GUFW and configure your Linux firewall using UFW. In fact, Data security is a serious concern in this era of technology, but there are various ways available to protect your data. Configuring the firewall on your Linux system is one of the most popular strategies. A firewall is a type of network software that helps us protect against data breaches by applying various rules.


For Linux Tutorials

We create Linux HowTos and Tutorials for Sys Admins. Visit us on LinuxAPT.com

Also for Tech related tips, Visit forum.outsourcepath.com or General Technical tips on www.outsourcepath.com