Gufw is back - The Ubuntu firewall frontend!

Updated: September 21, 2013

Ufw is the default firewall configuration tool for the Ubuntu family, hence the name. Gufw is the graphical frontend for the said tool, hence its name, too. While underneath all beats the heart of iptables. Anyhow, after several years of hibernation, gufw is back. Not a stranger, by all means, as we had an old tutorial way back when.

Today, I would like to give you a brief tour de fun with the new version, including installation, overview of basic rules and presets, additional configurations, as well as some interesting changes present in the latest release. All in all, if you're a new Linux user, and you feel like you want to try a firewall tool, this might be an interesting topic.

Installation & use

The official website hosts Debian installers for both the long-term Pangolin and the latest Ringtail version, so this means you should be good for Mint, as well as other friends and cousins. The website download buttons will try to open some sort of a program that handles APT links. If you have none specified, you will have to manually browse and choose the software center. It's located under /usr/bin/software-center.

Choose software cneter

When first launched, gufw will not be enabled, so you will have to unlock the interface and start fiddling. Overall, the default policy includes denying incoming connections and allowing outgoing, like most other firewall tools. The tool will also show your currently active connections, both UDP and TCP, both for IPv4 and IPv6 networks.

Default view

You can add rules in a manner of ways. Preconfigured is the simplest way, as you can just specify one of the several hundred existing templates. It's quite simple. Allow or deny, in or out, application or service, and finally the desired name. For example, in my screenshot, you can see that we have added the SSH service to the rules list of allowed incoming connections, which lets us connect remotely to our box.

Preconfigured rule

Under the Simple tab, you can specify ports or services, which means you know your way around, as well as the protocol. The Advanced tab lets also configure ports and port ranges, plus source and destination IP addresses. You can expand even further by ticking the Show extended actions checkbox, and then you will get even more options available.

Simple rule

Advanced rules

Indeed, if you just follow the GUI wizard, you will quickly have configured your rules, and soon your firewall will be doing its magic. Do note that even if you close the GUI, the rules remain active, so your system has an active firewall protection and control. Moreover, you also get visual cues in the Listening Report, using a color code to indicate the connections matching your rules. Cushty, ain't it.

 SSH works Added new rule


This is a very simple tutorial, but I am quite glad to see gufw reborn and revitalized, with a new skin, an even simpler and more pleasing interface, and the same robust and useful workflow that can appeal to newbies and skilled users alike. Of course, there's a limit to how much a graphical firewall tool can help you navigate the networking waters, but if you have the need, you won't go wrong with gufw.

In a manner, gufw might also help you master the understanding of your system and the networking stack, as you could be inclined to take a risk that you would not by using the command line. Best of all, reset to defaults is extremely simple, and you can always turn the firewall off if you mess up horribly. But you shouldn't, because you have this guide.


You may also like: