Feb

6

Ubuntu 8.04 “Hardy” Quick Review - Uncomplicated Firewall

Filed Under Development 

I installed Ubuntu 8.04 “Hardy” Alpha 4 a day or two ago and I finally got some time to poke around with some of the new features. The new features that are of the most interest to me are the security related features such as firewalling, SELinux, etc.

note: SELinux will not be default in Ubuntu 8.04 but the Ubuntu Hardened team has been working hard on getting it usable. If you’d like to help in the testing and development of SELinux on Ubuntu join our team!

The feature that I played with this afternoon is Ubuntu’s “Uncomplicated Firewall”. I have to say that when I first heard we were going to reinvent the wheel again (I mean, we have iptables, right?) I was a little discouraged. After playing with ufw I have to say I am pretty impressed.

ufw is simply a front-end to iptables. We’re still using the same iptables/netfilter underneath, just not requiring iptables syntax–trying to make things a little more “for human beings” I suppose you could say.

Now I may not be the “standard” Ubuntu user as seen by the rest of the Linux world. I know my way around Linux, spend the majority of my time on the command line and even teach Linux for a living. What I’m trying to say is I’m familiar enough with iptables, so I wondered how we could possibly make it easier. Well they did a good job. Here are a few examples:

sudo ufw default deny - sets the default policies to deny (drop)

sudo ufw allow 22/tcp - allows tcp connections on port 22

sudo ufw deny 25 - denies connections on port 25 (tcp/udp)

sudo ufw allow proto udp 192.168.0.1 port 53 to 192.168.0.2 port 53 - we can even be specific between source and destination ports and ips.

… you get the idea. It’s really simple, nearly human readable syntax. I still think iptables is pretty easy, but I think I’ll be perfectly comfortable using ufw as a front-end to iptables moving forward with Ubuntu 8.04 “Hardy”.

I post tutorials very regularly on this site. You may want to consider subscribing to the RSS feed. Or if you'd prefer these tips sent to your inbox you can use Email Subscriptions.

Related Posts

Random Posts

-->

Comments

2 Responses to “Ubuntu 8.04 “Hardy” Quick Review - Uncomplicated Firewall”

  1. bastianazzo on February 6th, 2008 3:52 pm

    it seems very nice and clean!! and, most of all, not reinventing the wheel again, but making just another already working tool, simpler and more usable :)

  2. André Gondim on February 6th, 2008 3:53 pm

    Like I said in my blog, it´s a good time to learn firewall.

    ;)

Leave a Reply




    OSCON


    OSCON 2008

    Subscribe to the RSS feed!


    subscribe to the ubuntu tutorials RSS feed

    Polls


  • Regarding the Ads on Ubuntu Tutorials...

    View Results

    Loading ... Loading ...

  • Blogroll

    • Ads by Google