• Categories
    Category
  • Categories
    Category
  • News
  • Tutorials
  • Forums
  • Tags
  • Users
Tutorial Comments FAQ Related Articles

How to Install and Configure UFW Firewall in Linux Debian 11.3

  • 00:27 lsb_release -a
  • 00:39 dpkg --get-selections | grep ufw
  • 01:01 apt-get install ufw
  • 01:21 ufw status
  • 01:33 ufw enable
  • 01:44 ufw status
  • 02:00 ufw status verbose
  • 02:17 ufw allow ssh
  • 02:29 ufw status
  • 02:48 ufw status numbered
  • 03:08 ufw deny ftp
  • 03:26 ufw status
  • 03:58 ufw allow 2290
  • 04:20 ufw allow 2290:2300/tcp
  • 04:35 ufw status
  • 04:52 ufw allow 2290:2300/udp
  • 05:28 ufw allow from 192.168.2.135
  • 06:27 ufw allow from 192.168.2.135 proto tcp to any port 22
  • 07:06 ufw status
  • 07:29 ufw status numbered
  • 07:37 ufw delete 6
  • 07:55 ufw disable
7104

To Install and Configure UFW Firewall in Linux Debian 11.3

Introduction:

UFW, or Uncomplicated Firewall, is an interface to iptables aimed at simplifying firewall configuration. While iptables can be difficult for beginners to master in order to set up a firewall properly.

Pre-Requisites

• Debian

• Root privileges or admin privileges

Installation Procedure:

Step 1: Check the OS version by using the below command

root@linuxhelp: ~# lsb_release -a
No LSB modules are available.
Distributor ID:	Debian
Description:	Debian GNU/Linux 11 (bullseye)
Release:	11
Codename:	bullseye

Step 2: First, check whether ufw is installed by using the below command.

root@linuxhelp: ~# dpkg --get-selections | grep ufw
If it’s not installed, i can install it using apt following commands

root@linuxhelp: ~# apt-get install ufw
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
  galera-4 gsasl-common libcgi-fast-perl libcgi-pm-perl libconfig-inifiles-perl libdbi-perl
  libfcgi-bin libfcgi-perl libfcgi0ldbl libgsasl7 libhtml-template-perl libntlm0
  libterm-readkey-perl mailutils-common socat
Use 'apt autoremove' to remove them.
The following NEW packages will be installed:
  ufw
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 167 kB of archives.
After this operation, 857 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main amd64 ufw all 0.36-7.1 [167 kB]
Fetched 167 kB in 0s (462 kB/s)
Preconfiguring packages ...
Selecting previously unselected package ufw.
(Reading database ... 286903 files and directories currently installed.)
Preparing to unpack .../archives/ufw_0.36-7.1_all.deb ...
Unpacking ufw (0.36-7.1) ...
Setting up ufw (0.36-7.1) ...

Step 3: To know about the firewall status, run the below command.

root@linuxhelp: ~# ufw status
Status: inactive

Step 4: To enable UFW in the terminal, execute the below command.

root@linuxhelp: ~# ufw enable
Firewall is active and enabled on system startup
system startup

step 5: Again, check the firewall status, run the following command.

root@linuxhelp: ~# ufw status
Status: active

Step 6: After the firewall is activated, you can add your rules into it. If you want to see the default rules view using the below command

root@linuxhelp: ~# ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)

Step 7: The UFW helps us to open a particular port to allow the access to a user and trigger it by using the below command.

root@linuxhelp: ~# ufw allow ssh
Rule added
Rule added (v6)
root@linuxhelp: ~# ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
22/tcp (v6)                ALLOW       Anywhere (v6)   

Step 8: We can also add a rule by using the insert command and display the status in numbered format by running the below command.

root@linuxhelp: ~# ufw status numbered
Status: active
     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere                  
[ 2] 22/tcp (v6)                ALLOW IN    Anywhere (v6)    

Step 9: To deny FTP connection by using the below command.

root@linuxhelp: ~# ufw deny ftp
Rule added
Rule added (v6)
root@linuxhelp: ~# ufw status
Status: active
To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
21/tcp                     DENY        Anywhere                  
22/tcp (v6)                ALLOW       Anywhere (v6)             
21/tcp (v6)                DENY        Anywhere (v6)       

Step 10: Next allow the Particular port by using the below command

root@linuxhelp: ~# ufw allow 2290
Rule added
Rule added (v6)

Step 11: It also possible for you to add port-range into the rule. If we want to open port from 2290 – 2300 with TCP protocol, then the command will be like this.

root@linuxhelp: ~# ufw allow 2290:2300/tcp
Rule added
Rule added (v6)
root@linuxhelp: ~# ufw status
Status: active
To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
21/tcp                     DENY        Anywhere                  
2290                       ALLOW       Anywhere                  
2290:2300/tcp              ALLOW       Anywhere                  
22/tcp (v6)                ALLOW       Anywhere (v6)             
21/tcp (v6)                DENY        Anywhere (v6)             
2290 (v6)                  ALLOW       Anywhere (v6)             
2290:2300/tcp (v6)         ALLOW       Anywhere (v6)

Step 12: while if you want to use UDP, just use the below command.

root@linuxhelp: ~# ufw allow 2290:2300/udp
Rule added
Rule added (v6)

Step 13: To allow connections from a specific IP address, use the below command.

root@linuxhelp: ~# ufw allow from 192.168.2.135
Rule added
root@linuxhelp: ~# ufw status
Status: active
To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
21/tcp                     DENY        Anywhere                  
2290                       ALLOW       Anywhere                  
2290:2300/tcp              ALLOW       Anywhere                  
2290:2300/udp              ALLOW       Anywhere                  
Anywhere                   ALLOW       192.168.2.135             
22/tcp (v6)                ALLOW       Anywhere (v6)             
21/tcp (v6)                DENY        Anywhere (v6)             
2290 (v6)                  ALLOW       Anywhere (v6)             
2290:2300/tcp (v6)         ALLOW       Anywhere (v6)             
2290:2300/udp (v6)         ALLOW       Anywhere (v6)   

Step 14: We can also specify a specific port for the IP address that is allowed to connect by adding “to any port" followed by the port number.

root@linuxhelp: ~# ufw allow from 192.168.2.135 proto tcp to any port 22
Rule added
root@linuxhelp: ~# ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
21/tcp                     DENY        Anywhere                  
2290                       ALLOW       Anywhere                  
2290:2300/tcp              ALLOW       Anywhere                  
2290:2300/udp              ALLOW       Anywhere                  
Anywhere                   ALLOW       192.168.2.135             
22                         ALLOW       Anywhere                  
22/tcp                     ALLOW       192.168.2.135             
22/tcp (v6)                ALLOW       Anywhere (v6)             
21/tcp (v6)                DENY        Anywhere (v6)             
2290 (v6)                  ALLOW       Anywhere (v6)             
2290:2300/tcp (v6)         ALLOW       Anywhere (v6)             
2290:2300/udp (v6)         ALLOW       Anywhere (v6)             
22 (v6)                    ALLOW       Anywhere (v6)  

Step 15: We can also add a rule by using the insert command and display the status in numbered format by running the below command.

root@linuxhelp: ~# ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere                  
[ 2] 21/tcp                     DENY IN     Anywhere                  
[ 3] 2290                       ALLOW IN    Anywhere                  
[ 4] 2290:2300/tcp              ALLOW IN    Anywhere                  
[ 5] 2290:2300/udp              ALLOW IN    Anywhere                  
[ 6] Anywhere                   ALLOW IN    192.168.2.135             
[ 7] 22                         ALLOW IN    Anywhere                  
[ 8] 22/tcp                     ALLOW IN    192.168.2.135             
[ 9] 22/tcp (v6)                ALLOW IN    Anywhere (v6)             
[10] 21/tcp (v6)                DENY IN     Anywhere (v6)             
[11] 2290 (v6)                  ALLOW IN    Anywhere (v6)             
[12] 2290:2300/tcp (v6)         ALLOW IN    Anywhere (v6)             
[13] 2290:2300/udp (v6)         ALLOW IN    Anywhere (v6)             
[14] 22 (v6)                    ALLOW IN    Anywhere (v6)     

Step 16: Delete the rules from UFW by using the below command

root@linuxhelp: ~# ufw delete 6
Deleting:
 allow from 192.168.2.135
Proceed with operation (y|n)? y
Rule deleted

Step 17: Disable the UFW firewall by using the below command

root@linuxhelp: ~# ufw disable
Firewall stopped and disabled on system startup

Step 18: Finally Reset the UFW firewall services by using the below command

root@linuxhelp: ~# ufw reset
Resetting all rules to installed defaults. Proceed with operation (y|n)? y
Backing up 'user.rules' to '/etc/ufw/user.rules.20220805_152040'
Backing up 'before.rules' to '/etc/ufw/before.rules.20220805_152040'
Backing up 'after.rules' to '/etc/ufw/after.rules.20220805_152040'
Backing up 'user6.rules' to '/etc/ufw/user6.rules.20220805_152040'
Backing up 'before6.rules' to '/etc/ufw/before6.rules.20220805_152040'
Backing up 'after6.rules' to '/etc/ufw/after6.rules.20220805_152040'

Conclusion:

We have reached the end of this article. In this guide, we have walked you through the steps required to install and configure UFW Firewall in Linux Debian 11.3. Your feedback is much welcome.

Tags:
connor
Author: 

Comments ( 0 )

No comments available

Add a comment

Frequently asked questions ( 5 )

Q

What is UFW in Linux?

A

UFW, or Uncomplicated Firewall, is a frontend for managing firewall rules in Arch Linux, Debian, or Ubuntu.

Q

How do I check my Debian UFW firewall status?

A

Check the status of UFW with this command: sudo ufw status

Q

How to display the UFW status in numbered format?

A

Display for UFW in a numbered format using the following commands ufw status numbered.

Q

How to allow connection from a specific IP address UFW firewall?

A

Use the UFW allow from .

Q

How to disable the UFW firewall?

A

UFW disable command can be used to disable the firewall.

Related Tutorials in How to Install and Configure UFW Firewall in Linux Debian 11.3

Related Tutorials in How to Install and Configure UFW Firewall in Linux Debian 11.3

How to install Gparted on Debian 9.0
How to install Gparted on Debian 9.0
Sep 13, 2017
Installation SSL Certificate on Ubuntu/Linuxmint/Debian to Secure Apache
Installation SSL Certificate on Ubuntu/Linuxmint/Debian to Secure Apache
Sep 19, 2018
How to install Xrdp Server (Remote Desktop) on Oracle Linux 8.5
How to install Xrdp Server (Remote Desktop) on Oracle Linux 8.5
Oct 17, 2022
How to install and update OpenSSL on Debian 11.3
How to install and update OpenSSL on Debian 11.3
Oct 21, 2022
How to install qBittorrent on Debian 9.0
How to install qBittorrent on Debian 9.0
Sep 8, 2017
How to Install FileZilla in Debian
How to Install FileZilla in Debian
Nov 29, 2016
How to Install and Configure Mega in Linux
How to Install and Configure Mega in Linux
Jul 19, 2016
How to install Nmap on Debian 9.0
How to install Nmap on Debian 9.0
Sep 9, 2017

Related Forums in How to Install and Configure UFW Firewall in Linux Debian 11.3

Related Forums in How to Install and Configure UFW Firewall in Linux Debian 11.3

Linux
jayce class=
shasum command not found
May 5, 2017
Linux
stephan class=
How to list all samba users
Jan 12, 2018
pv command
muhammad class=
pvcreate command not found error
May 9, 2017
Linux
henry class=
Starting NFS daemon: rpc.nfsd: writing fd to kernel failed: errno 111 (Connection refused)
Apr 25, 2017
Firewall
kishore class=
How to check log for CSF firewall
Jan 2, 2018
ifconfig command
jackbrookes class=
what is the location of the ifconfig program on your machine?
Jan 4, 2018
Linux
baseer class=
single command to apply setfacl for multiple user at a time
Jan 23, 2018
Linux
beulah class=
What does mean by 0 0 value in fstab file
Jan 2, 2018

Related News in How to Install and Configure UFW Firewall in Linux Debian 11.3

Related News in How to Install and Configure UFW Firewall in Linux Debian 11.3

Anbox, the Android-to-Linux tool the developers have been waiting for
Anbox, the Android-to-Linux tool the developers have been waiting for
Apr 17, 2017
Linus Torvalds stops signing Linux kernel RC tarballs
Linus Torvalds stops signing Linux kernel RC tarballs
May 17, 2017
Capsule8 Launches Linux-Based Container Security Platform
Capsule8 Launches Linux-Based Container Security Platform
Feb 14, 2017
Symantec updates Management console product
Symantec updates Management console product
Nov 22, 2017
Latest Linux driver release feature seven AMD Vega
Latest Linux driver release feature seven AMD Vega
Mar 23, 2017
A Newer and a Faster Window Manager for Tina (Linux Mint 19.2)
A Newer and a Faster Window Manager for Tina (Linux Mint 19.2)
Apr 9, 2019
Microsoft makes its Azure App service now available on Linux Systems
Microsoft makes its Azure App service now available on Linux Systems
Sep 7, 2017
Docker friendly Alpine Linux gets hardened Node.js
Docker friendly Alpine Linux gets hardened Node.js
Apr 19, 2017
Back To Top!
Rank
User
Points

Top Contributers

userNamenaveelansari
135850

Top Contributers

userNameayanbhatti
92510

Top Contributers

userNamehamzaahmed
32150

Top Contributers

1
userNamelinuxhelp
31040

Top Contributers

userNamemuhammadali
24500
Can you help Ganesh Konka ?
Zentya 6.1 http proxy configuration

please send link for creating zentyal 6.1 for http proxy and firewall as gateway.

Networking
  • Routing
  • trunk
  • Netmask
  • Packet Capture
  • domain
  • HTTP Proxy
Server Setup
  • NFS
  • KVM
  • Memory
  • Sendmail
  • WebDAV
  • LXC
Shell Commands
  • Cloud commander
  • Command line archive tools
  • last command
  • Shell
  • terminal
  • Throttle
Desktop Application
  • Linux app
  • Pithos
  • Retrospect
  • Scribe
  • TortoiseHg
  • 4Images
Monitoring Tool
  • Monit
  • Apache Server Monitoring
  • EtherApe 
  • Arpwatch Tool
  • Auditd
  • Barman
Web Application
  • Nutch
  • Amazon VPC
  • FarmWarDeployer
  • Rukovoditel
  • Mirror site
  • Chef
Contact Us | Terms of Use| Privacy Policy| Disclaimer
© 2025 LinuxHelp.com All rights reserved. Linux™ is the registered trademark of Linus Torvalds. This site is not affiliated with linus torvalds in any way.