The Linux OS is known for its flexibility, robustness, and security. Maintaining a secure Linux system includes managing inbound and outbound network traffic, often done through a firewall. UFW (Uncomplicated Firewall) is a popular choice in Linux for this purpose.
In this guide, we will concentrate on blocking specific IP addresses using UFW in Linux. It’s a practical skill for Linux system administrators aiming to uphold secure and stable systems.
How to Install UFW
UFW is included in the default installation of many Linux distributions. In case it’s not available in your distribution, you can install it using the package manager for your specific distribution.
For example, on Ubuntu or any Debian-based system, you can install it using the following commands:
$ sudo apt-get update $ sudo apt-get install ufw
For systems like Fedora, CentOS, or any other RedHat-based distributions:
$ sudo dnf install ufw
How to Enable UFW
To activate UFW, use the following command:
$ sudo ufw enable
This command will initiate the firewall immediately and set it to start at system boot. To check the firewall status
$ sudo ufw status
How to Block an IP Address
To prevent an IP address using UFW, use the deny command followed by the target IP address. For instance, to block 192.168.1.100, use the following command:
$ sudo ufw deny from 192.168.1.100
This command will prevent all incoming traffic from the IP address 192.168.1.100.
To block a specific port for the IP address, such as port 22 (SSH), adjust the command as follows:
$ sudo ufw deny from 192.168.1.100 to any port 22
This command will restrict all incoming traffic on port 22 from the IP address 192.168.1.100.
After adding the rules, confirm their successful addition with:
$ sudo ufw status
UFW offers an uncomplicated and user-friendly approach to handling firewall rules in Linux. This guide detailed the process of blocking a specific IP address using UFW. Mastering UFW empowers you to enhance the security of your Linux systems by regulating allowed and blocked traffic.
However, exercise caution when blocking an IP address. Ensure you’re not blocking crucial services or necessary IP addresses for your system or network operations. Regularly review your UFW rules and monitor your system’s behavior after making any changes.