Home > How To > Open ports on UFW (uncomplicated Firewall – Ubuntu)

Open ports on UFW (uncomplicated Firewall – Ubuntu)


Open ports on UFW (uncomplicated Firewall – Ubuntu).
I wanted to unblock 5432 port for a PostGre SQL setup.
Here is how you do it.
To check status for firewall
ahmed@ahmed-work-horse:~$ sudo service ufw status
ufw start/running
you can also use this command to check status
ahmed@ahmed-work-horse:~$ sudo ufw status
Status: inactive
ahmed@ahmed-work-horse:~$ sudo ufw status
Status: inactive
ahmed@ahmed-work-horse:~$ sudo ufw enable 
Firewall is active and enabled on system startup

If the status is not stopped/waiting, you can enable it using the below command
ahmed@ahmed-work-horse:~$ sudo ufw enable
To open a port say 5432:
ahmed@ahmed-work-horse:~$ sudo ufw allow 5432
To block/close an opened port:
ahmed@ahmed-work-horse:~$ sudo ufw deny 5432
To remove a rule, use delete followed by the rule:
ahmed@ahmed-work-horse:~$ sudo ufw delete deny 5432

It is also possible to allow access from specific hosts or networks to a port. The following example allows ssh access from host 192.168.0.2 to any ip address on this host:
ahmed@ahmed-work-horse:~$ sudo ufw allow proto tcp from 172.16.167.2 to any port 5432
Rules updated
ahmed@ahmed-work-horse:~$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
5432/tcp                   ALLOW       172.16.167.2

ahmed@ahmed-work-horse:~$

Replace 172.16.167.2 with 172.16.0.0/24 to allow port 5432 access from the entire subnet.
ufw can be disabled by:
ahmed@ahmed-work-horse:~$ sudo ufw disable
Thats it!!!.
Advertisements
Categories: How To

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: