Will & Skill Developers


Thoughts, snippets and ideas from the team at Will & Skill AB, Stockholm.

Faisal M
Author

“The mind is not a vessel to be filled, but a fire to be kindled.” ― Plutarch


How to quickly set up a robust network firewall with UFW on Ubuntu 18.04

Faisal M

When your product needs to scale, it can be smart to separate services into their own VMs. These VMs can be set up in a private network, and the different parts of your tech stack can then interact through that private network. Database clusters, cache clusters, frontend server clusters and so on can be separated and grouped into self-sufficient services.

In this UFW cheat sheet we will show you a small example of building a private network with UFW on Ubuntu.

  1. Install UFW by running the commands below
     sudo apt-get update
     sudo apt-get install ufw
  2. Check that the service is installed
     sudo ufw status
  3. To enable it as a firewall, run the command below
     sudo ufw enable

NOTE: After you have enabled UFW, make sure that you can still access the machine via SSH before closing the active terminal session.

Allow traffic on port 2222

sudo ufw allow 2222

Allow incoming traffic for the ssh service

sudo ufw allow ssh

Allow incoming traffic on network interface eth1 to port 5432 (default for PostgreSQL)

sudo ufw allow in on eth1 to any port 5432

Allow incoming traffic on network interface eth1 to port 6432 (default for PgBouncer)

sudo ufw allow in on eth1 to any port 6432

Allow incoming traffic on network interface eth1 from IP 192.168.0.11 to port 2222

sudo ufw allow in on eth1 from 192.168.0.11 to any port 2222

Allow incoming traffic on network interface eth1 from a subnet to port 2121

sudo ufw allow in on eth1 from 192.168.0.0/16 to any port 2121

Allow ranges of ports

sudo ufw allow 8000:8009/tcp

To delete a rule, add the keyword delete after ufw. To delete the last rule, run

sudo ufw delete allow 8000:8009/tcp

and then, to make sure that it is deleted, run

sudo ufw status
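The rules in this cheat sheet are scoped differently: some name an interface and a source address, others only a port. As an added example (not code from the original post), the shell function below audits ufw status output for ports that should stay on the private network; the function names, the labels NOT-ON-IFACE and ANY-SOURCE, and the sample status text (constructed, IPv4 only, modelled on the rules above) are assumptions.

```shell
#!/bin/sh
# Added example: audit "ufw status" output for private-service ports.
# Reports ALLOW rules for the given ports that are either not bound to the
# private interface (NOT-ON-IFACE) or bound to it but open to any source
# address (ANY-SOURCE).
# Usage on a live host: sudo ufw status | audit_private_ports eth1 5432 6432
audit_private_ports() {
    iface=$1; shift
    awk -v iface="$iface" -v ports="$*" '
        BEGIN {
            FS = "  +"                      # columns are separated by 2+ spaces
            n = split(ports, p, " ")
            for (i = 1; i <= n; i++) want[p[i]] = 1
        }
        $2 ~ /^ALLOW/ {
            split($1, to, /[ \/]/)          # "5432/tcp on eth1" -> port "5432"
            if (!(to[1] in want)) next
            if ($1 !~ (" on " iface "$")) print "NOT-ON-IFACE " $1
            else if ($3 ~ /^Anywhere/)    print "ANY-SOURCE " $1
        }'
}

# Constructed sample: roughly what "ufw status" shows after the rules above.
sample_status() {
    cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
2222                       ALLOW       Anywhere
22/tcp                     ALLOW       Anywhere
5432 on eth1               ALLOW       Anywhere
6432 on eth1               ALLOW       Anywhere
2222 on eth1               ALLOW       192.168.0.11
2121 on eth1               ALLOW       192.168.0.0/16
8000:8009/tcp              ALLOW       Anywhere
EOF
}

sample_status | audit_private_ports eth1 5432 6432 2222
```

On the sample, the plain port 2222 rule is reported because it is not tied to eth1, which makes the narrower 192.168.0.11 rule redundant, and the PostgreSQL and PgBouncer rules are reported because they accept any source on eth1.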
