Debian

How to Set Up a Firewall with UFW on Debian 11

1 year ago
by Zainab Rehman
The UFW or uncomplicated firewall is a simple command line tool that manages the net filter firewall. It used the iptables command for the configuration. It provides command tasks allowing or blocking pre-configured, individual ports and P2P. Apart from the command line tool UFW has GUI tools as well.

In this guide, we will install and set up the Firewall with UFW on Debian 11.

How To Install a Firewall with UFW on Debian 11

The UFW has been available by default in Debian since 10. In Debian 11 you can install it through a simple command:

sudo apt install ufw

How To Setup a Firewall with UFW on Debian 11

Before starting the configuration of UFW enable the IPv6 on your Debian system to ensure the UFW manages firewalls for IPv6 in addition to IPv4. To configure this, open the file via the following command:

sudo nano /etc/default/ufw

In the file locate the IPV6 and ensure the value is yes. Save the file and UFW is enabled for both IPV6 and IPV4.

By default, the UFW is set to deny all the incoming connections and allow all the outgoing connections. To enable the incoming connection first you need to create rules that allow the incoming SSH or HTTP connections.

To allow your server incoming ssh connections run the following command:

sudo ufw allow ssh

To allow the HTTP connection run the following command:

sudo ufw allow http

How to Enable UFW on Debian 11

To enable the UFW on Debian 11 run the following command, you will be prompted that says the enabling ufw might interpret the existing ssh connection, enter yes:

sudo ufw enable

The firewall is now active on your system, run the verbose command to check all the rules you have set for your system:

sudo ufw status verbose

How to Configure All UFW Incoming and Outgoing Connections on Debian 11

To deny all the incoming connections run the following command:

sudo ufw default deny incoming

To allow all the incoming connections use the allow options:

sudo ufw default allow incoming

To allow all the outgoing connections execute the following command:

sudo ufw default allow outgoing

Run the following command to deny all the outgoing connections:

sudo ufw default deny outgoing

The firewall is now configured on Debian 11, allowing only those connections that your server needs and limiting unnecessary connections.

How to Disable the Firewall on Debian 11

If you no longer want to use the UFW, you can disable it through the following command:

sudo ufw disable

You can use the reset command to start over again in the ufw:

sudo ufw reset

Bottom Line

UFW is a powerful firewall tool also known as an uncomplicated firewall to improve the security of Linux systems. The main purpose of the UFW is to keep a check on the network connections. It keeps track of all the incoming and outgoing connections and only those connections can access the network that is allowed by the firewall. In this detailed guide, we have provided the steps to install and set up the firewall with UFW on Debian 11.

About the author

Zainab Rehman

I'm an author by profession. My interest in the internet world motivates me to write for Linux Hint and I'm here to share my knowledge with others.

View all posts