Ubuntu Linux, like many Linux distributions, does not have a firewall set up by default. Too many new users, this might sound a bit weird, as the Linux platform has the perception of having superior security to that of Windows and Mac. The truth is that Ubuntu, for most users, may not need a firewall. It’s a lesser-known operating system, and though increasing in popularity, users are secure due to it still being relatively unknown.
If you’re concerned about the traffic coming in and out of your Ubuntu Linux PC, you need to install and set up a firewall system. Luckily, the GUFW firewall exists, and it makes setting up essential protection incredibly simple.
Note: the GUFW firewall system works with other Ubuntu-like operating systems. If you’re running Elementary OS, Linux Mint, ZorinOS or a distribution that uses the same underlying base as Ubuntu, feel free to follow the instructions below too!
Install GUFW on Ubuntu
The GUFW firewall is a front-end system to the UFW command-line firewall on Linux. It is available to all Ubuntu Linux users through the primary Ubuntu software sources. To install the software, open up Ubuntu Software Center. Once the Software Center is open and ready to use, find the search icon on the top right and click it with the mouse.
In the search box, type “gufw” in and press the Enter key. Pressing the Enter key should start a search through the Ubuntu Software Center, and show a list of results. Click on the blue and white shield icon with the label of “Firewall Configuration,” and click on it to go to its app page.
On the app page in Ubuntu Software Center for GUFW, click the “Install” button. Selecting this button will instantly start the app installation process.
Don’t want to install the GUFW firewall app on your Ubuntu PC through the Ubuntu Software Center application? Open up a terminal window by pressing Ctrl + Alt + T or Ctrl + Shift + T on the keyboard. Then, use the Apt command below to install the app.
sudo apt install gufw -y
Enable the GUFW Firewall on Ubuntu
With the GUFW firewall installed, it’s time to enable the firewall for basic purposes on your Ubuntu PC. To do this, press Alt + F2 on the keyboard. Pressing this keyboard combination will bring up the command-launcher on the desktop. Then, type in the following command to launch the GUFW firewall app.
After entering the command into the app launcher, press the Enter key to start it up. You’ll see a pop-up asking to enter your password. Do so, and you’ll gain access to the firewall app.
With GUFW open, you’ll notice that the default status is “OFF.” Since the status is set to off, Ubuntu isn’t blocking or filtering traffic through the firewall. To change this, locate the “Status” section, and click the slider to change it from “OFF” to “ON.”
The GUFW firewall system comes with three preset security profiles. These security profiles come with pre-configured filtering rules that take care of all of the tedious security rules.
The default security profile that GUFW is using when its status is changed from “OFF” to “ON,” is the “Home” profile. This profile has standard security rules and enables ports users are most likely to use. “Home” is an excellent profile to go with if you’re not that worried about security.
To switch to this profile, click “Profile” and select “Home.”
The “Public” security profile is the strictest security profile available for the GUFW firewall system. It comes with rigorous filtering features, and generally is one to go with if you’re paranoid.
To switch to this profile, click “Profile” and select “Public.”
The “Office” security profile for GUFW is about the same as the “Home” one. This one is a good one to use if you need a spare “Home” profile, or if you plan on setting up special rules at your workplace.
To switch to this profile, click “Profile” and select “Office.”
Allow traffic through the firewall
To allow traffic through the GUFW firewall on Ubuntu, follow the step-by-step instructions below.
Step 1: Find “rules” and select it.
Step 2: Click the “+” sign at the bottom left portion of the app window.
Step 3: Click on the “Preconfigured” tab.
Step 4: Find “Policy” and set it to “Allow.”
Step 5: Find “Direction,” and set it to “In,” or “Out,” or “Both,” depending on your needs.
Step 6: Find “Application,” and look through the menu list to allow a particular application through the firewall. Or, type the name of the application or service in the filter search box.
Step 7: Select “Add” to add the new rule to the GUFW firewall.
Deny traffic through the firewall
To deny traffic through the GUFW firewall on Ubuntu, follow these step-by-step instructions.
Step 1: Find “rules” and select it.
Step 2: Click the “+” sign at the bottom left section of the app window.
Step 3: Click on the “Preconfigured” tab in the pop-up that appears.
Step 4: Find “Policy” and set it to “Deny.” Or select “Reject.”
Step 5: Find “Direction,” and set it to “In,” “Out,” or “Both.”
Step 6: Find “Application,” and look through the menu list to deny traffic from a specific application through the firewall. Or, type the name of the application or service in the filter search box.
Step 7: Select the “Add” button to add the new rule to the GUFW firewall.