How to install and configure a graphical firewall client in Ubuntu 10.10

To create a custom rule, click on the Add button on the main Gufw window. The rule creation window has three tabs – Preconfigured, Simple and Advanced. From the Preconfigured, you can create very broad rules for a preset number of applications and services. The preset services are: FTP, HTTP, IMAP, NFS, POP3, Samba, SMTP, ssh, VNC and Zeroconf, and the preset applications or programs are: Amule, Deluge, KTorrent, Nicotine, qBittorrent, and Transmission.

gufw4
Preconfigured rules

The Simple tab allows you to create rules with a port number defined. This makes it possible to create rules for services and applications not preset in the Preconfigured tab.

gufw5
Gufw's simple rules creation interface

The Advanced tab makes it possible to create more specific rules using source and destinations ports and addresses.

gufw6
Gufw's advanced rules creation interface

The example below creates a rule from the Preconfigured tab allowing ssh traffic into a host. While this makes it easy for anybody to create a firewall rule, it lacks specificity. In this example, ssh traffic from all sources would be allowed in. That’s not a good thing, unless that is what you want.

gufw7
Using pre-configured services

Once a rule has been created, it will be shown in the main window of Gufw. You may also view the rule from a shell terminal by typing sudo ufw status.

gufw8
Generated rules in the main Gufw window

This second example shows how to create a rule from the Simple tab. The example shown in the image below is for a rule allowing ssh traffic in to the host.

gufw9
Creating rules in the Simple tab

Rather than use a service or application name, you could just specify the port number associated with that application or service. To repeat the ssh rule in the example above using a port number, you would specify port 22, which is the default port for ssh.

gufw10
Simple rule creation with port number

This example shows how to create a rule from the Advanced tab. The rule shown in the image below allows ssh traffic from all hosts in a network to a particular host in another network. Note: The IP addresses used in these rules do not represent addresses used in a real case.

gufw11
Advanced rule creation

What if you want to create a rule to allow IPsec VPN traffic. First, you need to know the port numbers involved in an IPsec conversation. These would be port 50 for the Encapsulating Security Payload (esp), and port 51 for the Authentication Header (ah). Thus to create the rule for esp, you would use the port number as shown below.
gufw12

To create a rule for the Authentication Header, you would specify port 51.
gufw13

Related Posts

Dual-boot Windows 7, Linux Mint Debian Edition 2 on a PC with UEFI firmware Linux Mint Debian Edition (LMDE) is a desktop distribution that's based on Debian. It's from the same folks responsible for Linux Mint, which is based...
How to install Java Runtime on Zenwalk 6.2 Zenwalk is a Slackware-based, Linux operating system. Version 6.2, the latest release, does not come with Java Runtime Environment (jre) installed. W...
How to configure LVM on Pardus 2011 Pardus is a Linux distribution with roots in the National Research Institute of Electronics and Cryptology (UEKAE), Turkey. It is one of many distribu...
The most affordable FreeBSD-supported Cloud/VPS hosting providers Looking for a Cloud/VPS hosting provider that supports FreeBSD? Your search is more than half way done. That's because I have gone through the off...
Manual full disk encryption setup guide for Ubuntu 13.10 & Linux Mint 16 This tutorial presents a step-by-step guide on how to configure full disk encryption manually on Ubuntu 13.10 and Linux Mint 16. It will also work for...
Ubuntu 12.04 Precise Pangolin beta 1 screen shots The first beta version of what will become Ubuntu 12.04, Precise Pangolin, has just been released. The final, stable version will be released by the e...

We Recommend These Vendors and Free Offers

ContainerizeThis 2016 is a free, 2-day conference for all things containers and big data. Featured, will be presentations and free, hands-on workshops. Learn more at ContainerizeThis.com

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).

Want to become an expert ethical hacker and penetration tester? Request your free video training course of Online Penetration Testing and Ethical Hacking

Whether you're new to Linux or are a Linux guru, you can learn a lot more about the Linux kernel by requesting your free ebook of Linux Kernel In A Nutshell.


4 Comments

  1. Pingback: Links 21/10/2010: Tinycore 3.2, WebOS 2.0 | Techrights

  2. Pingback: Linux News » How to install and configure a graphical firewall client in Ubuntu 10.10

  3. Pingback: A graphical firewall client for Maverick « 0ddn1x: tricks with *nix

  4. Pingback: First time Ubuntu user, need help! - Overclock.net - Overclocking.net

Leave a Comment

Your email address will not be published. Required fields are marked *

*