Pinterest Stumbleupon Whatsapp

manage linux firewallOver the years, Linux has gained the reputation of being one of the safest operating systems to work on. While viruses for Linux technically exist, none are in known circulation, and even then it’s extremely difficult for them to run correctly without a large amount of user interaction (such as the user blindly granting root permissions).

While it’s decently safe from viruses, there’s still another threat which affects all computers with networking capabilities: attacks through ports. In order to control which ports can accept data and which ones should be closed, operating systems use firewalls.

It’s not very obvious to users that Linux even comes with a firewall, as the inclusion of firewall-controlling software varies between distributions. In case your distribution doesn’t include an application to control the firewall (known as “iptables” under geeks), what should you use?

About GUFW

The answer is easy — GUFW! Some distributions (such as Ubuntu) use a tool called ufw to make managing iptables a lot easier, but there’s one problem — ufw is still just a command line tool. However, GUFW was created as a graphical front-end to ufw, so anyone can easily configure their firewall without getting too nitty gritty. Please note that GUFW can’t make 100% use out of iptables, but most common home users won’t need full use out of iptables anyways, so GUFW is great for them. For professionals and other people will high needs, they will most likely need to use ufw or configure iptables directly (and they’ll probably already know how to use it, too).


manage linux firewall
One of the great things about GUFW is that it truly makes the firewall seem like a beast you can actually control with ease. When you open the application, you’ll first need to unlock it by clicking on the Unlock button and then entering in your password so that it has administrative rights. From here, you can keep it as simple or as complicated as you’d like. In order to protect your computer from outside attacks while still keeping your system useable, turn on the firewall if it isn’t already, then choose Allow for Outgoing and Deny for Incoming. If you choose Reject for Incoming instead, you’ll find that simple tasks such as internet browsing no longer work. If you’re paranoid and know which ports you’re using, you can choose Reject and then open up each individual port that you know you need.


ufw for linux
Going to the Edit menu and choosing Preferences will allow you to choose whether ufw should be logging firewall events (and how detailed the log should be), whether GUFW should include a listening report in the window (as shown in the screenshot), and whether certain notifications should appear via libnotify.


Adding Rules

ufw for linux
There’s a couple of different ways which you can add rules. You can keep it very simple, and simply allow/deny programs or services. You can also open up or lock down specific ports if you know the number you need to control.

manage linux firewall
If you need a higher amount of control (such as rerouting data from certain ports), you can use the Advanced tab and get exactly what you need. I don’t think many non-professionals will need anything more complex than what’s offered in the Advanced tab.


To install GUFW, simply search through your respective package manager for “gufw”. Ubuntu users can also run the command sudo apt-get install gufw to accomplish the same task. After a quick and simple installation, you’re all set to tweak to your heart’s content.


It’s important to make sure that your firewall is configured properly, as any machine with a direct connection to the Internet will be at risk from hackers trying to get into your system and causing havoc. With useable tools in hand, there’s no reason for you not to get this done to keep yourself safe. If you haven’t already, do it now before you forget!

What custom rules do you have set in your firewall? Any tips you can offer on configuring them? Let us know in the comments!

Image Credit: Geekr

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Gavin Britton
    October 24, 2012 at 7:50 pm

    Thank you, this has expanded my knowledge of linux, im a little bit of a linux novice, does this apply to Ubuntu also?

  2. Efi Dreyshner
    October 19, 2012 at 11:41 am

    Don't need GUI for configuring the firewall ;)

  3. RaMaN
    October 16, 2012 at 1:55 am

    Thanks for this. I don't even know that my firewall is turned off. BTW installing it didn't given me much. All that can be done through terminal easily.
    PS there is a typo in article where it reads "people -will- high needs"

    • Danny Stieben
      October 16, 2012 at 6:25 am

      True, but there are still those who are computer illiterate and still use Ubuntu (possibly because of family suggestions). A GUI is usually the preferred route for them, I believe. :)

      Thanks for pointing that out!

      • RaMaN
        October 16, 2012 at 10:03 am


      • dragonmouth
        January 29, 2013 at 9:07 pm

        To paraphrase what Joel Lee pointedly told me some time ago "an average user has problems choosing between Firefox, Opera and Chrome and you want them to set up a firewall, let alone create new rules."

  4. Scott Reyes
    October 16, 2012 at 12:27 am

    Perfect... just what ive been looking for to keep an ssh server guarded :D.... well ... so lonng as no one spoofs their address(assuming it works like that).

  5. Harish Jonnalagadda
    October 15, 2012 at 7:25 pm

    Thanks! This will come in handy..