This project demonstrates secure network configuration and firewall management on a Linux host using UFW (Uncomplicated Firewall).
It showcases foundational firewall concepts—default policies, rule creation, IPv4/IPv6 management, ICMP behavior, logging, and troubleshooting—mirroring real-world junior sysadmin and security operations responsibilities.
- Project Overview
- Why This Project Matters
- Technologies Used
- Objectives
- Key Achievements
- Skills Demonstrated
- Firewall Configuration Walkthrough
- Key Takeaways
- Recommendations for Future Enhancements
This project demonstrates how to configure and manage the UFW firewall on Linux to enforce secure inbound and outbound traffic policies.
The configuration steps reflect core system administration tasks:
- Setting default deny/allow rules
- Opening only necessary services
- Managing IPv4 and IPv6 rule sets
- Implementing logging for visibility
- Validating rule behavior through testing
These steps build foundational knowledge for secure Linux system hardening.
- Reinforces secure system configuration principles
- Demonstrates least-privilege network access
- Highlights differences between IPv4 and IPv6 firewall behavior
- Shows practical firewall rule creation, deletion, and testing
- Builds confidence in using UFW for real-world system security
- Linux (Ubuntu-based systems)
- UFW (Uncomplicated Firewall)
- Bash
- IPv4 & IPv6
- ICMP / ping testing
- Configure UFW to enforce secure network boundaries
- Set and verify default inbound/outbound policies
- Enable and evaluate firewall logging
- Manage service-specific rules (HTTP, HTTPS, SSH)
- Understand IPv4 vs. IPv6 rule creation
- Troubleshoot connectivity using ICMP tools
- Configured secure default firewall posture: Set “deny incoming” and “allow outgoing” baseline.
- Enabled and validated service-specific rules: Opened ports 22, 80, 443 without unnecessary duplicates.
- Managed duplicate rules efficiently: Demonstrated removal of redundant or conflicting entries.
- Enabled and reviewed UFW logging: Captured allow/deny activity to support troubleshooting.
- Differentiated IPv4 and IPv6 rule behavior: Ensured complete coverage across both protocols.
- Performed successful connectivity and rule validation tests: Verified enforcement using ICMP ping and UFW status reports.
- Linux System Administration
- Firewall Configuration & Hardening
- Traffic Filtering (IPv4 & IPv6)
- Rule Creation, Deletion, and Management
- Logging and Visibility Enhancements
- Troubleshooting Network Connectivity
```bash
sudo ufw status
```

Example Output:

```
Status: active

To                         Action      From
22/tcp                     ALLOW       Anywhere
Anywhere                   DENY        192.168.1.100
22/tcp (v6)                ALLOW       Anywhere (v6)
```
```bash
sudo ufw default deny incoming
sudo ufw default allow outgoing
```

Creates a secure baseline: inbound traffic is blocked unless explicitly allowed.
```bash
sudo ufw allow http
sudo ufw allow https
sudo ufw allow 80
sudo ufw allow 443
```

Note: Running both `allow http` and `allow 80` creates duplicate rules. Use deletion to clean up:

```bash
sudo ufw delete allow 80
```

```bash
ping -c 4 8.8.8.8
```

Confirms outbound traffic is allowed.
```bash
sudo ufw logging on
```

Logs are stored at `/var/log/ufw.log`.
```bash
sudo ufw status verbose
```

Checks:
- Default inbound/outbound policies
- IPv4 & IPv6 rules
- Logging level
- Any deny/allow rules in effect
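An added example (not part of the original project) that automates two of the review points above: it reads plain `ufw status` output and flags port-only rules that overlap a protocol-specific rule (the `allow http` plus `allow 80` case) and IPv4 rules that have no `(v6)` counterpart. The function names and the sample status text are constructed for illustration, and only rules whose source is `Anywhere` are compared.

```bash
#!/usr/bin/env bash
# Added example: audit plain `ufw status` output (not `status verbose`).
# Only rules whose source is "Anywhere" are compared.

audit_ufw_status() {
  awk '
    /^(Status:|To |--)/ || NF < 3 { next }     # header, separator, blank lines
    {
      v6     = ($2 == "(v6)")
      to     = $1                               # e.g. 80 or 80/tcp
      action = v6 ? $3 : $2                     # ALLOW, DENY, LIMIT ...
      from   = v6 ? $4 : $3
      if (from != "Anywhere") next              # source-specific rule: skip
      if (v6) seen6[to " " action] = 1; else seen4[to " " action] = 1
      split(to, p, "/")                         # p[1] = port, p[2] = protocol
      k = (v6 ? "v6" : "v4") " " p[1] " " action
      if (p[2] == "") bare[k] = 1; else proto[k] = to
    }
    END {
      # IPv4 rule with no matching IPv6 rule
      for (k in seen4) if (!(k in seen6)) { split(k, f, " "); print "NO_V6 " f[1] }
      # port-only rule that already covers a protocol-specific rule
      for (k in bare)  if (k in proto)    { split(k, f, " "); print "OVERLAP " f[1] " " f[2] " " proto[k] }
    }
  ' | LC_ALL=C sort
}

sample_status() {   # constructed sample, not captured from a real host
  cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
80                         ALLOW       Anywhere
Anywhere                   DENY        192.168.1.100
22/tcp (v6)                ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
80 (v6)                    ALLOW       Anywhere (v6)
EOF
}

sample_status | audit_ufw_status
```

On a live host, pipe the real output in instead: `sudo ufw status | audit_ufw_status`.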
```bash
sudo ufw allow <port/service>
sudo ufw deny <port/service>
sudo ufw delete allow <port/service>
```

Examples:

```bash
sudo ufw deny 23/tcp
sudo ufw delete allow http
```

- UFW provides a simple yet powerful firewall interface
- Default deny/allow rules create a strong security baseline
- Duplicate rules can occur (service vs port syntax) and should be managed intentionally
- IPv4 and IPv6 rules are created separately and must be handled as such
- Logging provides visibility into allow/deny decisions
- Connectivity testing is essential for validating configuration changes
- Implement rate limiting for SSH (e.g., `ufw limit ssh`)
- Add application profiles under `/etc/ufw/applications.d/`
- Explore nftables as next-level firewall configuration
- Add monitoring using tools like Fail2Ban
- Test UFW rule conflicts and ordering behavior