Port management in Linux Ubuntu/Debian/CentOS.


It doesn’t take long from ordering a server on hosting to making the first connection. This process usually only takes a few minutes. However, although the server is ready for use, it is not yet protected from external threats—similar to a newborn baby. Therefore, configuring a firewall is essential to secure the server.

What is a Port in Linux?

In the context of networking, a port is a numeric identifier that specifies the particular application or service receiving or sending a request. Data exchange between network nodes occurs through ports, which can be managed via a firewall. Managing server ports is crucial for security and traffic control. There are two main port types:

  • TCP Ports: Used for establishing reliable connections between hosts.

  • UDP Ports: Allow data exchange without establishing a connection.

Port Management in Ubuntu/Debian

In Ubuntu and Debian, iptables is often used for port management, with UFW (Uncomplicated Firewall) as its simplified interface. UFW is designed to make firewall rule management more straightforward and accessible. In Ubuntu, UFW is typically pre-installed, whereas in Debian, it must be installed manually.

Before installing UFW, updating the repositories is recommended. Use allow commands to permit access to specific ports or protocols. Below are UFW’s basic commands:

Basic UFW Commands

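  • Enable UFW: Activates the firewall. If you are connected over SSH, add the SSH allow rule shown under Managing UFW Rules first, so that enabling the firewall does not cut off your session: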

    sudo ufw enable
  • Disable UFW: Deactivates the firewall temporarily:

    sudo ufw disable
  • Check UFW Status: Displays the firewall’s status and active rules:

    sudo ufw status

Managing UFW Rules

  • Allow Traffic: Allows traffic through specific ports:

    sudo ufw allow <port/service>
    sudo ufw allow 22
    sudo ufw allow 80
    sudo ufw allow 443

    Allowing traffic by service name (e.g., SSH/HTTP):

    sudo ufw allow OpenSSH
    sudo ufw allow http
    sudo ufw allow https
  • Deny Traffic: Blocks traffic through specific ports:

    sudo ufw deny <port/service>
    sudo ufw deny 23
  • Delete Rules: Removes an existing rule:

    sudo ufw delete <rule>
    sudo ufw delete allow 80
  • Allow Traffic for a Specific Protocol:

    sudo ufw allow <port>/<protocol>
    sudo ufw allow 80/tcp
  • Set Default Policy:

    sudo ufw default allow|deny incoming|outgoing
    sudo ufw default deny incoming
  • View Rule Numbers: Displays numbered rules for easier management:

    sudo ufw status numbered
  • Allow Full Server Access from a Specific IP:

    sudo ufw allow from <IP-address>
    sudo ufw allow from 192.168.1.100
  • Allow Access to a Specific Port from an IP:

    sudo ufw allow from <IP-address> to any port <port>
    sudo ufw allow from 192.168.1.100 to any port 22
  • Allow HTTP Traffic from a Subnet (192.168.1.0/24):

    sudo ufw allow from 192.168.1.0/24 to any port 80

Logging and Debugging

  • Enable Logging:

    sudo ufw logging on
  • View Logs: Use dmesg or check /var/log/ufw.log.
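
Once logging is on, the blocked packets in /var/log/ufw.log show which ports are being probed and from where. The script below is an added example, not part of the original article: it counts [UFW BLOCK] entries per source address, protocol and destination port. The log lines, hostname and addresses in it are constructed sample data, and the function names are chosen here for illustration.

```sh
#!/bin/sh
# Added example: count packets UFW blocked, grouped by source IP, protocol and port.

# Constructed sample in the kernel-log format UFW writes to /var/log/ufw.log.
# Hostname, MAC and addresses (documentation/private ranges) are made up.
sample_ufw_log() {
  cat <<'EOF'
Mar  4 10:15:01 vps kernel: [ 1201.1] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01 SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51234 DPT=23 WINDOW=29200 SYN URGP=0
Mar  4 10:15:02 vps kernel: [ 1202.4] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01 SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51235 DPT=23 WINDOW=29200 SYN URGP=0
Mar  4 10:15:09 vps kernel: [ 1209.8] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01 SRC=198.51.100.7 DST=192.0.2.10 LEN=48 TTL=49 PROTO=UDP SPT=40000 DPT=32814 LEN=28
Mar  4 10:16:30 vps kernel: [ 1290.2] [UFW ALLOW] IN=eth0 OUT= MAC=02:00:00:00:00:01 SRC=192.168.1.100 DST=192.0.2.10 LEN=60 TTL=64 PROTO=TCP SPT=50022 DPT=22 WINDOW=64240 SYN URGP=0
Mar  4 10:17:11 vps kernel: [ 1331.0] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01 SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51240 DPT=23 WINDOW=29200 SYN URGP=0
Mar  4 10:18:45 vps kernel: [ 1425.6] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01 SRC=198.51.100.7 DST=192.0.2.10 LEN=84 TTL=49 PROTO=ICMP TYPE=8 CODE=0 ID=7 SEQ=1
Mar  4 10:19:03 vps kernel: [ 1443.9] [UFW BLOCK] IN=eth0 OUT= MAC=02:00:00:00:00:01 SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=51302 DPT=3306 WINDOW=29200 SYN URGP=0
EOF
}

# summarize_blocks: read UFW log lines on stdin and print "count source proto/port",
# highest count first. Only [UFW BLOCK] lines are counted; ALLOW lines are ignored.
summarize_blocks() {
  awk '
    /\[UFW BLOCK\]/ {
      src = proto = dpt = ""
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^SRC=/)   src   = substr($i, 5)
        if ($i ~ /^PROTO=/) proto = tolower(substr($i, 7))
        if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
      }
      # ICMP entries carry no DPT field; report them with "-" as the port.
      if (dpt == "") dpt = "-"
      if (src != "") hits[src " " proto "/" dpt]++
    }
    END { for (k in hits) print hits[k], k }
  ' | LC_ALL=C sort -k1,1nr -k2,2 -k3,3
}

# Demo on the constructed sample.
sample_ufw_log | summarize_blocks
```

To run it against a live server, pipe /var/log/ufw.log into summarize_blocks in place of the sample.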

Examples

  • Allow SSH Traffic (Port 22):

    sudo ufw allow ssh
    sudo ufw allow 22
    sudo ufw allow 22/tcp
  • Block Telnet Traffic (Port 23):

    sudo ufw deny 23/tcp
  • Allow HTTP from Local Network:

    sudo ufw allow from 192.168.1.0/24 to any port 80

Port Management in CentOS

In CentOS, firewalld is typically used. It is usually pre-installed, but if not, it can be installed as follows:

Installation

sudo dnf update -y
sudo dnf install firewalld -y
  • Check Firewalld Status:

    systemctl status firewalld

Managing Rules

  • List Allowed Services:

    sudo firewall-cmd --permanent --list-all
  • Open Ports:

    sudo firewall-cmd --permanent --add-service=http
    sudo firewall-cmd --permanent --add-service=https
    sudo firewall-cmd --permanent --add-service=ssh
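  • Open a Specific Port (e.g., MySQL Port 3306):

    sudo firewall-cmd --permanent --zone=public --add-port=3306/tcp
  • Open a Range of Ports (e.g., UDP ports 32811-32814):

    sudo firewall-cmd --permanent --zone=public --add-port=32811-32814/udp
  • Verify Open Ports:

    sudo firewall-cmd --permanent --zone=public --list-ports
  • Block Ports:

    sudo firewall-cmd --permanent --zone=public --remove-port=32814/udp
  • Apply Changes: Rules added with --permanent are saved to the configuration but take effect only after a reload; rules added without it take effect immediately but are lost on reload or reboot. Reload the firewall to apply new rules:

    sudo firewall-cmd --reload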
  • Disable Firewalld:

    sudo systemctl disable --now firewalld

Summary

We have covered setting up and managing firewalls in Linux systems like Ubuntu, Debian, and CentOS. This includes adding and removing rules to control server access through specific ports and protocols. Effective port management is essential for ensuring network security.
