iSmooth Blog Homelab LinuxStarting a Library for UFW Application Profiles

Starting a Library for UFW Application Profiles

12/23/2020

Hooray, I started experimenting with UFW Firewall and thus I created some custom application profiles specifically for a Linux Ubuntu 20.04 instance runnin on my Homelab hypervisor.

So, I decided to publish and maintain a library to contain any type of application which should enhance the overall firewall experience.

Introduction for UFW Firewall on Linux Ubuntu

Uncomplicated Firewall is an advanced front-end for iptables on Linux which is an awesome firewall at its core. One of its features is Application Profiles which are INI-style files that contain profile information and numerous port settings.

This allows packages to include their own firewall settings and make them available to UFW when installed to use with simple commands.

UFWApp Library for Application Profiles

Anyway, while experimenting with default application profiles that are normally provided for UFW during software packages installation. I found that many of those settings are usually irrelevant and most of the time are very messy with bad description.

In addition, you will find that one application is installing multiple profiles for a single purpose, which is hilarious. In fact, I came up with my own implementation to sort this mess out for you, I call it the UFWApp Library which should be available on GitHub by the time I finish writing this article.


GitHub Repository
Click Here!

List of Available Applications

Please note that application type (eg. Web Server, File Transfer, Secure Shell, ETC) is what actually matters when specifying settings for UFW firewall.
  • Apache (Web Server)
  • NGINX (Web Server)
  • OpenSSH (Secure Shell)
  • Postfix (Mail Submission)
  • Dovecot (Mail Management)
  • VSFTPD (File Transfer)
  • FileZilla (File Transfer)
  • Odoo (Odoo Server)
  • Jekyll (Jekyll Server)

These and many more, any other alternative for such applications should apply.

How to Install UFWApp Library on Linux Ubuntu

Clone the repository provided above into your system and install the required files.

Installation

git clone https://github.com/iSmoothBlog/UFWApp.git
cd UFWApp
sudo make install

You will find a backup for old profiles in /etc/ufw/backup after installation.

NOTE:

This will swap messy profiles configured on your system to be replaced with UFWApp implementation instead.


Usage

Once installed, proceed to list all applications then exchange * with a selected profile:

sudo ufw app list
sudo ufw allow "*"

A profile selected will work for all applications in the same field. So, continue setting allow rules until you are satisfied.

Finally, you must verify UFW firewall status then reboot your system accordingly.

sudo ufw status
sudo reboot

Enjoy!

No Comments Speak Your Mind

Connect

If you like our content, please consider buying us a coffee.
Thank you for your support!
Buy Me a Coffee

Explore

Discussion