UFW

UFW stands for Uncomplicated Firewall and is an easy to manage wrapper for IPTables. UTN systems use this firewall as their main firewall.

On most UTN systems the following ports/services, referred to as rules, are allowed (both on IPv4 and IPv6):

  • ssh, to enable SSH access to the server.
  • 80/tcp, to access the server over HTTP.
  • 443/tcp, to access the server over HTTPS.

Do not enable 25/tcp unless the mail server (Postfix), is secured against foreign authentication.

Useful commands

The commands you should keep in mind when working with UFW are the following:

  • ufw allow [rule], to allow access for connections matching the rule.
  • ufw delete allow [rule], to delete a previously created rule.
  • ufw show added, to show the rules to be added on reload.
  • ufw enable, to enable UFW.
  • ufq status, to see the currently enforced rules.

These commands need to be run as the root user.