How does Ubuntu 22.10 (Kinetic Kudu) Firewall work ?


If you need to set up your own firewall rules in a very simple way without needing to learn complicated commands, this will guide you through.

Here at FixWebNode, we shall look into how to configure the UFW (Uncomplicated Firewall) Iptables on your Ubuntu Linux system.


What is UFW (Uncomplicated Firewall) ?

By default, UFW is shipped in previous Debian-based Linux distributions such as Ubuntu.

While current versions incorporate Nftables, older versions with Iptables offer the Iptables frontend called UFW.

If UFW isn't installed, you can easily install it by running the apt packages manager command:

$ sudo apt install ufw -y

Once installed, you can check its status via the below command:

$ sudo ufw status

If inactive, you can enable it by running:

$ sudo ufw enable

Once enabled, use the following syntax to open specific ports:

$ sudo ufw allow <Port>

For example, to open port 8080, execute the following command:

$ sudo ufw allow 8080

With UFW, you can specify ports both by their number or by their protocol name. 

For example, to open the ssh port, you can run the following command:

$ sudo ufw allow ssh

You could get the same result by replacing "ssh" with "22".

To close ports, you can use the below syntax ,  you just have to replace "allow" with "deny", as shown below, where port 22 is closed:

$ sudo ufw deny 22

To specify a protocol (UDP or TCP), add a slash after the defined port, followed by the protocol.

Here, port 21 is open specifically through the UDP protocol:

$ sudo ufw allow 21/udp

To allow TCP traffic, you can use the below syntax replacing "udp" with "tcp":

$ sudo ufw allow 21/tcp

You also can deny or allow port ranges, but when doing it, the user must specify the protocol.

Here, the port range between 6000 and 6010 is allowed through the protocol TCP:

$ sudo ufw allow 6000:6010/tcp


How to use the restrictive or unrestricted policies via UFW ?

UFW allows you to define default policies, like restrictive or unrestricted.

By defining a restrictive policy, we deny all traffic through all ports and protocols unless we define exceptions.

Contrary to this, when defining an unrestricted policy, all traffic is allowed unless exceptions are defined.

For example, to deny all incoming traffic by default, execute the below command:

$ sudo ufw default deny incoming

To allow all outgoing traffic, simply execute the command:

$ sudo ufw default allow outgoing


How to allow request from specific IP addresses using UFW ?

Not only a specific port can be allowed or denied for either outgoing or incoming, but also an IP address too. When the IP address is specified in the rule, any request from this particular IP is subjected to just the specified rule; for instance, in the following command, it allows all requests from IP address, then it allows all requests from to both port 80 and 443 ports:

$ sudo ufw allow from

What this means is any device with this IP can send successful requests to the server without being denied in a case when the default rule blocks all incoming connections. This is quite useful for private servers that are used by a single person or a specific network.

Then we enable incoming traffic from a specific IP to port 80, run:

$ sudo ufw allow from to any port 80

To enable traffic from a specific IP to port 443, use:

$ sudo ufw allow from to any port 443


How to allow request from range of IP addresses using ufw ?

When a range of IP addresses is involved, it's difficult to manually add each IP address record to a firewall rule to either deny or allow, and thus IP address ranges can be specified in CIDR notation, which typically consists of the IP address, and the amount of hosts it contains and IP of each host.

Here, it uses the following two commands. You will notice that it uses /24 netmasks, and thus the rule is valid from to IP addresses. 

$ sudo ufw allow from

In the second example, the same rule is valid for port number 25 only. So if incoming requests are blocked by default, now the mentioned IP addresses are allowed to send requests to port number 25 of the server.

The below command allows traffic from a specific subnet to port 25:

$ sudo ufw allow from to any port 25


How to remove rule using ufw on Ubuntu ?

Rules can be removed from the firewall. 

The below command lines up each rule in the firewall with a number:

$ sudo ufw status numbered

The following command will help to delete the rule by specifying the number belonging to the rule:

$ sudo ufw delete 4

This will delete rule 4, which allows traffic through port 21/UDP.

When requested to confirm the operation, type "y" and press ENTER.

Finally, to start over the firewall configuration, use the following command:

$ sudo ufw reset

This is quite useful if the firewall starts working oddly or if the firewall behaves in an unexpected manner.

In some cases, you might want to disable the default firewall in order to test the network or when a different firewall is intended to install. The below command completely disables the firewall and allows all incoming and outgoing connections unconditionally:

$ sudo ufw disable


[Need to fix your Ubuntu Linux system issues ? We can help you. ]


Your Cart