1 00:00:06,750 --> 00:00:09,153 - In this video we'll talk about UFW. 2 00:00:10,080 --> 00:00:13,290 So UFW is Uncomplicated Firewall, 3 00:00:13,290 --> 00:00:16,710 and it was developed to work with an intuitive syntax. 4 00:00:16,710 --> 00:00:19,233 You use it on Ubuntu. Let's check it out. 5 00:00:22,530 --> 00:00:24,960 So here we are on the Ubuntu server, 6 00:00:24,960 --> 00:00:29,043 and I'm using sudo ufw status, 7 00:00:32,310 --> 00:00:34,230 where we can see it's inactive. 8 00:00:34,230 --> 00:00:35,520 Well, I want it to be active. 9 00:00:35,520 --> 00:00:36,723 So enable, 10 00:00:37,620 --> 00:00:39,210 and now it is active. 11 00:00:39,210 --> 00:00:41,490 So if we do a status again, 12 00:00:41,490 --> 00:00:44,640 we can see it is active. 13 00:00:44,640 --> 00:00:47,983 So next we are going to specify what we want it to do. 14 00:00:47,983 --> 00:00:52,233 sudo ufw allow ssh. 15 00:00:53,790 --> 00:00:55,323 Oops, that was a typo. 16 00:01:00,270 --> 00:01:02,860 And now the rule is added for IPv4 as well as IPv6. 17 00:01:06,240 --> 00:01:10,263 And we have allow, we can also use reject. 18 00:01:12,030 --> 00:01:14,287 And I'm using reject out ssh. 19 00:01:15,270 --> 00:01:18,060 So that means that we do allow incoming SSH, 20 00:01:18,060 --> 00:01:21,030 we don't allow outgoing SSH. 21 00:01:21,030 --> 00:01:25,110 Next I'm using sudo ufw status, 22 00:01:25,110 --> 00:01:27,873 and we can see exactly what is going on. 23 00:01:30,360 --> 00:01:31,193 So let me use 24 00:01:31,193 --> 00:01:36,080 sudo ufw delete reject out ssh. 25 00:01:38,130 --> 00:01:38,963 That is what you do 26 00:01:38,963 --> 00:01:41,730 if you regret that you've done something. 27 00:01:41,730 --> 00:01:44,100 Now, we can also do more complicated stuff, 28 00:01:44,100 --> 00:01:49,100 like sudo ufw deny proto tcp from 10.0.0.10 to any port 22. 29 00:01:58,350 --> 00:02:03,350 So that means that anything coming from 10.0.0.10, 30 00:02:03,600 --> 00:02:05,430 a specific host, 31 00:02:05,430 --> 00:02:09,930 is not allowed on any network card port 22. 32 00:02:09,930 --> 00:02:13,110 We can verify that using sudo ufw status, 33 00:02:13,110 --> 00:02:17,733 and there we can see the DENY line that is nicely listed. 34 00:02:18,600 --> 00:02:20,560 So sudo ufw reset 35 00:02:21,810 --> 00:02:23,493 will reset everything. 36 00:02:26,640 --> 00:02:28,500 That is your "I'm desperate" option, 37 00:02:28,500 --> 00:02:30,990 and that's easy if you wanna get out. 38 00:02:30,990 --> 00:02:34,680 Now UFW also works with apps. 39 00:02:34,680 --> 00:02:36,690 You can use services. 40 00:02:36,690 --> 00:02:39,630 When we use sudo ufw allow ssh, 41 00:02:39,630 --> 00:02:40,860 it uses a service, 42 00:02:40,860 --> 00:02:44,730 and that corresponds to the service names in /etc/services. 43 00:02:44,730 --> 00:02:49,730 Now I'm going to use sudo ufw app list. 44 00:02:49,800 --> 00:02:52,533 Oops, ufw. 45 00:02:53,790 --> 00:02:55,830 And there we can see that it has 46 00:02:55,830 --> 00:03:00,660 the amazing amount of one application, OpenSSH. 47 00:03:00,660 --> 00:03:02,790 Well, as we only have one application, 48 00:03:02,790 --> 00:03:03,993 I'm bound to using that. 49 00:03:03,993 --> 00:03:08,993 sudo ufw app info OpenSSH. 50 00:03:10,440 --> 00:03:11,790 The applications that you've got 51 00:03:11,790 --> 00:03:13,980 depend on the packages that you have installed. 52 00:03:13,980 --> 00:03:16,230 And on the slide you can see Samba. 53 00:03:16,230 --> 00:03:17,850 I don't have Samba installed, 54 00:03:17,850 --> 00:03:21,480 so I also don't have the application. 55 00:03:21,480 --> 00:03:25,953 Now if I use sudo ufw logging on, 56 00:03:29,370 --> 00:03:32,490 that's what we can use to enable logging. 57 00:03:32,490 --> 00:03:35,370 And finally if you want to know more, 58 00:03:35,370 --> 00:03:37,080 man ufw. 59 00:03:37,080 --> 00:03:38,160 It has a man page, 60 00:03:38,160 --> 00:03:41,580 and in that man page you will find the rule syntax, 61 00:03:41,580 --> 00:03:43,470 containing some examples, 62 00:03:43,470 --> 00:03:48,150 and it's a pretty big man page, and hopefully it's helpful. 63 00:03:48,150 --> 00:03:50,643 That's all I wanted to tell you about UFW.