Setting up iptables firewall can be difficult for Linux beginners. Ubuntu has made it a little bit easier. UFW, aka uncomplicated firewall, is the front end for iptables. Gufw on the other hand, is the graphical front end for UFW and it’s one of the easiest firewalls in the world.
To install Gufw, just open up a terminal window and issue the following command.
sudo apt-get install gufw
Now we can launch gufw in Unity Dash.
Be default you have 3 different profiles: public, office and home.
The most basic setup for a home computer is denying all incoming traffic and allow all outgoing traffic. You will be able to surf the Internet. To achieve this, you just need to switch status from off to on.
To add your own firewall rules, click on the Rules tab then click on the plus sign. (You need to switch status on in order to add your own rules).
You can add firewall rule for a specific application such as 0 A.D. or a protocol such as SSH.
Let’s say you want to disable SSH login on your Ubuntu 16.04 desktop, i.e. you don’t allow other computer to SSH into your Ubuntu machine but at the same time you want to SSH into other computer from you Ubuntu 16.04 desktop, all you need to do is set policy to Deny, select In as the direction, select Network in category, select Services in subcategory, select SSH in application and click the Add button.
You will see a new firewall in the Rules tab.
If you like to play with command line, here’ s the command to check ufw status.
sudo ufw status
To enable Gufw on system startup, enter this command:
sudo ufw enable
What’s the Difference Between Deny and Reject?
You will see 4 policies in Gufw: allow, deny, reject and limit.
- Allow is to accept packets to traverse the firewall.
- Deny will deny traffic.
- Reject policy will deny traffic and will send a packet to the source computer to let it know traffic has been rejected.
- Limit policy will deny traffic if an IP tried several connections.
To add more profiles, go to edit > preferences and click the plus button.
Should I use Gufw on my home computer?
If your home computer connects to the Internet through a broadband router which includes a built-in firewall, then you don’t need another firewall running on your computer.
If however, you do not have router in your home and your computer connects to Internet through DSL modem or cable modem, then installing and configuring Gufw on your computer is a good choice.
In public places like office, hotel or restaurants where your computer is hooked up to public Wi-fi, your computer is more likely to be attacked by malicious hackers. You definitely want to have a Gufw installed on your computer.