Port management in Linux Ubuntu/Debian/CentOS.
Port Management in Linux Ubuntu/Debian/CentOS
It doesn’t take long from ordering a server on hosting to making the first connection. This process usually only takes a few minutes. However, although the server is ready for use, it is not yet protected from external threats—similar to a newborn baby. Therefore, configuring a firewall is essential to secure the server.
What is a Port in Linux?
In the context of networking, a port is a numeric identifier that specifies the particular application or service receiving or sending a request. Data exchange between network nodes occurs through ports, which can be managed via a firewall. Managing server ports is crucial for security and traffic control. There are two main port types:
TCP Ports: Used for establishing reliable connections between hosts.
UDP Ports: Allow data exchange without establishing a connection.
Port Management in Ubuntu/Debian
Iptables are often used in Ubuntu and Debian for port management, with its simplified interface being UFW (Uncomplicated Firewall). UFW is designed to make firewall rule management more straightforward and accessible. In Ubuntu, UFW is typically pre-installed, whereas in Debian, it must be installed manually.
Before installing UFW, updating the repositories is recommended. Use allow commands to permit access to specific ports or protocols. Below are UFW’s basic commands:
Basic UFW Commands
Enable UFW: Activates the firewall:
sudo ufw enableDisable UFW: Deactivates the firewall temporarily:
sudo ufw disableCheck UFW Status: Displays the firewall’s status and active rules:
sudo ufw status
Managing UFW Rules
Allow Traffic: Allows traffic through specific ports:
sudo ufw allow <port/service> sudo ufw allow 22 sudo ufw allow 80 sudo ufw allow 443Allowing traffic by service name (e.g., SSH/HTTP):
sudo ufw allow OpenSSH sudo ufw allow http sudo ufw allow httpsDeny Traffic: Blocks traffic through specific ports:
sudo ufw deny <port/service> sudo ufw deny 23Delete Rules: Removes an existing rule:
sudo ufw delete <rule> sudo ufw delete allow 80Allow Traffic for a Specific Protocol:
sudo ufw allow <port>/<protocol> sudo ufw allow 80/tcpSet Default Policy:
sudo ufw default allow|deny incoming|outgoing sudo ufw default deny incomingView Rule Numbers: Displays numbered rules for easier management:
sudo ufw status numberedAllow Full Server Access from a Specific IP:
sudo ufw allow from <IP-address> sudo ufw allow from 192.168.1.100Allow Access to a Specific Port from an IP:
sudo ufw allow from <IP-address> to any port <port> sudo ufw allow from 192.168.1.100 to any port 22Allow HTTP Traffic from a Subnet (192.168.1.0/24):
sudo ufw allow from 192.168.1.0/24 to any port 80
Logging and Debugging
Enable Logging:
sudo ufw logging onView Logs: Use
dmesgor check/var/log/ufw.log.
Examples
Allow SSH Traffic (Port 22):
sudo ufw allow SSH sudo ufw allow 22 sudo ufw allow 22/tcpBlock Telnet Traffic (Port 23):
sudo ufw deny 23/tcpAllow HTTP from Local Network:
sudo ufw allow from 192.168.1.0/24 to any port 80
Port Management in CentOS
In CentOS, firewalld is typically used. It is usually pre-installed, but if not, it can be installed as follows:
Installation
sudo dnf update -y
sudo dnf install firewalld -yCheck Firewalld Status:
systemctl status firewalld
Managing Rules
List Allowed Services:
sudo firewall-cmd --permanent --list-allOpen Ports:
sudo firewall-cmd --permanent --add-service=http sudo firewall-cmd --permanent --add-service=https sudo firewall-cmd --permanent --add-service=sshOpen a Specific Port (e.g., MySQL Port 3306):
sudo firewall-cmd --zone=public --add-port=3306/tcpOpen a Range of Ports (e.g., UDP ports 32811-32814):
sudo firewall-cmd --zone=public --add-port=32811-32814/udpVerify Open Ports:
sudo firewall-cmd --zone=public --list-portsBlock Ports:
sudo firewall-cmd --zone=public --remove-port=32814/udpApply Changes: Reload the firewall to apply new rules:
sudo firewall-cmd --reloadDisable Firewalld:
sudo firewall-cmd --disable
Summary
We have covered setting up and managing firewalls in Linux systems like Ubuntu, Debian, and CentOS. This includes adding and removing rules to control server access through specific ports and protocols. Effective port management is essential for ensuring network security.
