A firewall is a security mechanism that acts as a barrier between a computer network and external networks (such as the Internet) or between different network segments. Its purpose is to monitor and control incoming and outgoing network traffic based on predefined security rules.
While working in the technologically rich era, learning, and implementing the firewall rules is the prior requirement to get hands-on networking systems.
Debian 12, released recently, is frequently practiced by Linux users to test the system’s effectiveness. A firewall is a significant component of the Debian 12 system (like any other Linux system). Thus, you must be aware of the configuration of the latest release of Debian 12. Today’s post will address the ways to configure the firewall on Debian 12.
How to Configure Firewall on Debian 12?
The firewall on Debian 12 can be configured through command line support. For ease, we will use the ufw, which offers an extensive range of commands to configure the firewall. The UFW utility is not installed on the Debian 12 system by default. So, let’s learn about the installation of the UFW on the Debian 12 system:
$ sudo apt install ufw
The terminal support of the UFW is quite effective and easy to adopt and implement. A set of commands can be used to enable and disable firewalls, add/delete firewall rules, and much more. Let’s understand and practice the ufw commands.
Before that, we must know how to use the ufw utility in commands and their possible options. For that, execute the “ufw –help” command as follows:
$ sudo ufw --help
The frequently used ufw option is to enable the firewall before its further implementation:
$ sudo ufw enable
You can disable the firewall via the command as follows:
$ sudo ufw disable
Add Firewall Rule
The best thing about ufw is to add a firewall rule other than the default. The syntax to carry out such an operation is as follows:
$ sudo ufw allow <Name>
You can also add the rules for the specific protocols, such as tcp, udp:
$ sudo ufw allow <Name>/<Protocol>
Allow Ports (or a Specific Port)
To allow ports on a firewall using the ufw utility, use the command and insert the port number inplace of the <port>:
$ sudo ufw allow <port>
Allow a Specific Port on a Specific Protocol
The above-stated command will open up that port for all the incoming connections. However, you can limit the number of connections by specifying the protocol, i.e., tcp, udp:
$ sudo ufw allow <port/protocol>
Deny/Reject Incoming/Outgoing Traffic
Like the allow option of the ufw utility, a deny/reject option denies or rejects any incoming or outgoing traffic on all ports or specific ports. The command in such a case is as follows:
$ sudo ufw [deny/reject] [outgoing/incoming]
Check the Firewall’s Status
The status of the firewall can be checked using the status flag of the ufw command:
$ sudo ufw status
To get more details of the firewall, you can use the verbose flag with the status utility:
$ sudo ufw status verbose
Limit the Connections
If more than attempts are carried out from an IP attempts within 30 seconds, then the limit flag will block that connection to avoid any brute force attack/ hack attempt:
$ sudo ufw limit ssh
Reload the Firewall
Whenever you add/delete any firewall rule or allow/deny any network connection, you have to reload the firewall. The firewall can be reloaded using the command as follows:
$ sudo ufw reload
Whether you are an administrator or a normal Debian user, you must know how to configure the firewall on Debian 12. The ufw utility is the masterpiece to learn and implement the firewall rules. The firewall is a protective shield around your system to prevent it from external attacks or malicious attempts.
The ufw utility offers a range of commands to enable/disable firewalls, add/delete firewall rules, and more. By learning these commands, users can enable or disable the firewall, add specific firewall rules, allow or deny incoming/outgoing traffic, check the firewall’s status, and even limit connections to protect against potential attacks. That’s all about configuring the firewall on Debian 12.