Enable or block firewall access

Ubuntu comes equipped with the Uncomplicated Firewall (ufw) but the firewall is not enabled by default. Because Ubuntu does not have any open network services (except for basic network infrastructure) in the default installation, a firewall is not needed to block incoming attempted malicious connections.

For more information about how to use ufw, see the online documentation.

Turn the firewall on or off

To turn on the firewall, enter sudo ufw enable in a terminal. To turn off ufw, enter sudo ufw disable.

Allow or block specific network activity

Many programs are built to offer network services. For instance, you can share content, or let someone view your desktop remotely. Depending on which additional programs you install, you may need to adjust the firewall to allow these services to work as intended. UfW comes with a number of rules already pre-configured. For instance, to allow SSH connections, enter sudo ufw allow ssh in a terminal. To block ssh, enter sudo ufw block ssh.

Each program that provides services uses a specific network port. To enable access to that program's services, you may need to allow access to its assigned port on the firewall. To allow connections on port 53, enter sudo ufw allow 53 in a terminal. To block port 53, enter sudo ufw block 53.

To check the current status of ufw, enter sudo ufw status in a terminal.

Use ufw without a terminal

You can also install gufw if you prefer to set up the firewall without using a terminal. To install, click this link.

You can launch this program by searching for Firewall Configuration in the Dash. The program does not need to be kept open for the firewall to work.