How To Install And Configure UFW Firewall On A Raspberry Pi 4

6, Jan 2021 | Raspberry Pi | 3 comments

Today we are going to be showing you how to install and configure UFW firewall on a Raspberry Pi 4. We are only covering the basics but may add a more advanced tutorial in the future.

What is Uncomplicated Firewall (UFW)?

UFW is a free firewall that you can use to control the IPTABLES on Linux operating systems. It is much user friendly than manually editing configuring IPTABLES. It gives a simple command-line interface to input smaller commands to achieve the same outcome. Hence its name Uncomplicated Firewall.

Today we are showing you how to install and configure UFW on a Raspberry Pi 4 however you can use the same process/commands to install UFW on any Linux device.

So lets get started.

Difficulty = Medium

How to install and configure UFW Firewall on a Raspberry Pi 4.

To install UFW in a terminal type the following:

sudo apt-install ufw -y

Now UFW is installed but it is not turned on.

It is very important!! that if you are using SSH to connect to your Raspberry Pi 4 that you open the SSH Port in UFW before you enable the firewall.

If you don’t do this first you will get locked out and will need to physically connect a monitor and keyboard to get terminal access to your Pi.

To open the SSH port using the service name and default port. Run this command:

sudo ufw allow ssh

Alternatively, you can use the command below. This command is especially useful if you have decided to change the port number from the default of 22 to “1984” for example.

You can also add the protocol you require either tcp or udp.

You can even add a comment so it can remind you if you ever have to edit the UFW ports again in the future.

If you have not changed the default SSH port then you will need to use port 22 and not 1984 as stated below in our example.

sudo ufw allow 1984/tcp comment "SSH"

All we need to do now is enable UFW

sudo ufw enable

Then press “y” and “enter” at the command prompt.

We will now need to open a fresh Terminal window so we can test that we can still connect over SSH. We need to confirm that the UFW firewall updated correctly.

Open a new Terminal window and connect via SSH.

If your using the default SSH port you can run this

ssh [email protected]

If you changed your SSH port you will need to use the following command

ssh -p 1984 [email protected]

If you can connect ok all is set up and working correctly.

A few more useful UFW terminal commands:

Check your UFW Firewall status:

sudo ufw status verbose

To remove a port from the firewall list:

To do this you first need to know its rule number. To get this list first run:

sudo ufw status numbered

Now you should see the list of ports with a number for each entry. Select the correct number to remove the entry. Remember that once you remove a port entry the numbered list will completely change so it is wise to recheck again running the above command.

Say the port we want to delete was [ 3] 22/tcp ALLOW IN IP

We will run the following :

sudo ufw delete 3

Disable the firewall:

If you have a connection problem it is a good idea to temporarily disable the firewall and then retest to see if you can connect. If you can then the problem is clearly Firewall related.

To disable the the UFW Firewall use the following command:

sudo ufw disable

Let us know in the comments below anything you would add to this basic guide or any other useful command you may know that may help others.

We need your support.

We hope you enjoyed this article and that it was helpful and you got benefit out of it.

If you did, please consider supporting our channel by Subscribing to our YouTube channel, and liking and sharing our content.

You can also make a donation via Paypal or become a Patreon if you wish to do so.

You can also follow us on Facebook or Twitter.

3 Comments

  1. Boney12

    Great Post. Thanks

    Reply
  2. Guest

    You open port 1984 and try to use port 1981 later.
    It will not work.

    Reply
    • Addicted2Tech

      well spotted and thank you for letting us know I have updated the post.

      Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

<a href="https://www.addictedtotech.net/author/attadmin/" target="_self">Addicted2Tech</a>

Addicted2Tech

We love technology and enjoy sharing helpful FREE content for others to enjoy. We believe in community. If you like what we do please support us by sharing and liking our tutorials & Subscribing to our YouTube channel. You can also follow us on social media.

Support Our Work!

Donate Via Patreon

Raspberry Pi 4 Model B [8GB] RAM Single Board Computer

Last update on 2022-12-02 / Affiliate links / Images from Amazon Product Advertising API

CanaKit Raspberry Pi 4 Extreme Kit – 128GB Edition (4GB RAM)

Last update on 2022-12-02 / Affiliate links / Images from Amazon Product Advertising API

We Are An Affiliate!

Just so you know, we may collect a share of sales or other compensation from the links on this page. As an Amazon Associate I earn from qualifying purchases.

The Affiliate link recommendations come at no extra cost to you.

We hope you love the products we recommend!

Thank you if you use our links, we really appreciate it!

Related Posts