Uncomplicated Firewall (ufw), written in Python, is commonly the simplest choice when you need a software firewall. It translates its configuration into iptables rules on our system, which speeds up the process of configuring new rules. Iptables rules are applied directly at the kernel level, so check that Netfilter is enabled in your kernel.
Debian || Ubuntu:
apt install ufw
Arch Linux:
pacman -S ufw
Gentoo:
emerge -a ufw
If you are using the default kernel configuration of your distribution, you already have all the modules and drivers installed and do not need to worry about it. If not, check whether the Netfilter option is enabled in your loaded kernel configuration.
zcat /proc/config.gz | grep CONFIG_NETFILTER=
In case there is an "n", recompile your kernel with Netfilter functionality added.
After installing ufw, we can start using it immediately. First of all, you are probably connected to your server over an ssh connection, so check the port on which your remote session is established. We need to allow connections on that port before enabling ufw on our system. In my case it is:
ufw allow 22/tcp
We said earlier that ufw is based on iptables, so the changes we have made through ufw have had an immediate effect, which we can see in more detail.
It is time for the rules that we have set to enter into action.
We can check all the table information from the previous iptables command in a summary.
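The allow-before-enable order from the steps above, as an added example that is not part of the original post: it works out which SSH port(s) to allow and prints the ufw commands as a dry run. The function names and the embedded sshd_config sample are constructed for illustration, and only plain Port directives are read (ListenAddress, Match and Include are not handled).

```shell
#!/bin/sh
# Added example: list the SSH port(s) to allow before ufw is enabled.

# Constructed sample sshd_config, embedded so the example runs offline.
SAMPLE_SSHD_CONFIG='# constructed sample, not from a real host
#Port 22
Port 2222
AddressFamily any
port 2200
PermitRootLogin no'

# Server-side port of the current session: 4th field of SSH_CONNECTION
# ("client_ip client_port server_ip server_port"). Prints nothing if unset.
session_port() {
    printf '%s\n' "$1" | awk 'NF == 4 && $4 ~ /^[0-9]+$/ { print $4 }'
}

# Ports from uncommented "Port N" directives (keyword is case-insensitive).
# sshd listens on 22 when no Port directive is present.
ssh_ports() {
    ports=$(printf '%s\n' "$1" | awk '
        tolower($1) == "port" && $2 ~ /^[0-9]+$/ && $2 >= 1 && $2 <= 65535 { print $2 }')
    if [ -n "$ports" ]; then printf '%s\n' "$ports"; else echo 22; fi
}

# Union of both sources, de-duplicated and sorted numerically.
ports_to_allow() {   # $1 = SSH_CONNECTION value, $2 = sshd_config text
    { session_port "$1"; ssh_ports "$2"; } | sort -nu
}

# Print the commands in a safe order: every allow rule first, enable last.
ufw_plan() {
    for p in $(ports_to_allow "$1" "$2"); do
        echo "ufw allow $p/tcp"
    done
    echo "ufw enable"
}

# Dry run: prints the plan instead of changing the firewall.
ufw_plan "${SSH_CONNECTION:-}" "$SAMPLE_SSHD_CONFIG"
```

On a real host, pass the contents of /etc/ssh/sshd_config as the second argument and review the printed commands before running them as root.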
By default ufw acts as DROP (aka DENY) for all unwanted traffic, which results in a "timeout" when sending a request that is not allowed by our firewall. If you prefer to get a response, for example when the port is closed, you can change that behaviour in /etc/default/ufw by setting DEFAULT_INPUT_POLICY="REJECT"