Linux CLI · scripting · ~10 mins

Firewall basics (ufw, iptables) in Linux CLI - Step-by-Step Execution

Concept Flow - Firewall basics (ufw, iptables)
1. Start: No rules
2. Add rule with ufw or iptables
3. Rule stored in firewall config
4. Firewall active: packets checked
5. Packet matches rule?
   - No: Block or default action
   - Yes: Allow or reject packet
6. End: Packet processed
The firewall starts with no rules, then rules are added using ufw or iptables. When active, each network packet is checked against these rules to decide if it is allowed or blocked.
Execution Sample
Linux CLI
sudo ufw allow 22
sudo ufw enable
sudo ufw status
sudo iptables -L
This sequence adds a rule to allow SSH (port 22), enables ufw, shows ufw status, then lists iptables rules.
Execution Table
| Step | Command | Action | Result/Output |
|---|---|---|---|
| 1 | sudo ufw allow 22 | Add rule to allow incoming TCP on port 22 | Rule added: '22/tcp' ALLOW IN |
| 2 | sudo ufw enable; sudo ufw status | Activate firewall and show current ufw rules | Status: active / 22/tcp ALLOW IN Anywhere |
| 3 | sudo iptables -L | List iptables rules | Chain INPUT (policy DROP) / ACCEPT tcp -- anywhere anywhere tcp dpt:ssh |
| 4 | Packet arrives on port 22 | Check rules | Packet allowed (matches rule) |
| 5 | Packet arrives on port 80 | Check rules | Packet blocked (no matching allow rule) |
💡 A packet is checked against the rules in order until one matches; a packet that matches no rule follows the default policy (block or allow).
Variable Tracker
| Variable | Start | After Step 1 | After Step 2 | After Step 3 | Final |
|---|---|---|---|---|---|
| ufw_rules | empty | allow 22/tcp added | show 22/tcp allow | unchanged | 22/tcp allow |
| iptables_rules | default DROP | unchanged | INPUT chain has ACCEPT tcp dpt:ssh | unchanged | INPUT chain ACCEPT tcp dpt:ssh |
| packet_port_22 | N/A | N/A | N/A | N/A | allowed |
| packet_port_80 | N/A | N/A | N/A | N/A | blocked |
Key Moments - 3 Insights
Q: Why does 'sudo ufw allow 22' let SSH through but not HTTP on port 80?
A: Because the rule explicitly allows port 22 only. Execution table row 5 shows packets on port 80 are blocked since no rule allows them.
Q: What is the difference between ufw and iptables commands here?
A: ufw is a simpler interface to manage firewall rules, while iptables shows the detailed rules. Execution table rows 2 and 3 show ufw status and the iptables listing respectively.
Q: What happens if a packet does not match any rule?
A: It follows the default policy, which is usually to block. Execution table row 5 shows a packet on port 80 blocked due to no matching rule.
Visual Quiz - 3 Questions
Test your understanding
1. Look at the execution table: what is the output of 'sudo ufw status' at step 2?
   A) Status: active / 22/tcp ALLOW IN Anywhere
   B) Status: inactive
   C) No rules configured
   D) Error: command not found
   💡 Hint: Check execution table row 2 under Result/Output.
2. At which step does the firewall allow packets on port 22?
   A) Step 1
   B) Step 4
   C) Step 5
   D) Step 3
   💡 Hint: Look at execution table row 4, where the packet on port 22 is processed.
3. If you add a rule to allow port 80, how would the packet on port 80 be handled?
   A) Firewall would crash
   B) It would still be blocked
   C) It would be allowed
   D) Packet would be rejected with error
   💡 Hint: Refer to the variable tracker row for packet_port_80 and how rules affect packet handling.
Concept Snapshot
Firewall basics:
- Use 'ufw allow <port>' to add simple rules
- Use 'ufw status' to see rules
- 'iptables -L' shows detailed rules
- Packets checked against rules in order
- Default policy blocks unmatched packets
- ufw is easier; iptables is detailed
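The rule evaluation summarised above (rules checked in order, first match wins, default policy for the rest) as an added, runnable model; this is example code written for this page, not ufw's or iptables' own implementation, and the `Firewall`, `Rule` and `Packet` names are this model's, not real ufw API. It also goes one step beyond the page's scenario by showing that an earlier deny rule takes precedence over a later allow for the same port.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    port: Optional[int]      # None matches any port
    proto: Optional[str]     # "tcp", "udp" or None for both (ufw allow 22 without /tcp)

@dataclass(frozen=True)
class Packet:
    port: int
    proto: str = "tcp"

class Firewall:
    """Simplified model of the INPUT chain: the first matching rule decides,
    and a packet that matches nothing gets the default policy (deny = DROP)."""
    def __init__(self, default_policy: str = "deny"):
        self.default_policy = default_policy
        self.rules: list[Rule] = []

    def allow(self, port: Optional[int], proto: Optional[str] = None) -> None:
        self.rules.append(Rule("allow", port, proto))     # like: ufw allow <port>

    def deny(self, port: Optional[int], proto: Optional[str] = None) -> None:
        self.rules.append(Rule("deny", port, proto))      # like: ufw deny <port>

    def check(self, pkt: Packet) -> str:
        for rule in self.rules:                           # evaluated in order
            port_ok = rule.port is None or rule.port == pkt.port
            proto_ok = rule.proto is None or rule.proto == pkt.proto
            if port_ok and proto_ok:
                return rule.action                        # first match wins
        return self.default_policy                        # unmatched: default policy

def walkthrough() -> dict:
    """Replays the page's execution table, then the quiz's 'allow 80' case,
    then an ordering case the page does not show (deny listed before allow)."""
    fw = Firewall(default_policy="deny")                  # ufw default: deny incoming
    fw.allow(22, "tcp")                                   # step 1: allow SSH
    step4 = fw.check(Packet(22))                          # step 4: port 22 -> allow
    step5 = fw.check(Packet(80))                          # step 5: port 80 -> deny
    fw.allow(80, "tcp")                                   # quiz 3: add allow 80
    after_allow_80 = fw.check(Packet(80))                 # -> allow
    ordered = Firewall("deny")
    ordered.deny(22, "tcp")                               # earlier deny ...
    ordered.allow(22, "tcp")                              # ... shadows later allow
    return {"port22": step4, "port80": step5,
            "port80_after_allow": after_allow_80, "deny_before_allow": ordered.check(Packet(22)),
            "udp22_tcp_only_rule": fw.check(Packet(22, "udp"))}

if __name__ == "__main__":
    print(walkthrough())
```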
Full Transcript
This visual execution shows how firewall rules are added and processed using ufw and iptables. First, a rule is added to allow SSH on port 22 using 'sudo ufw allow 22'. Then, 'sudo ufw status' confirms the rule is active. 'sudo iptables -L' lists the detailed rules, showing the ACCEPT rule for SSH. When a packet arrives on port 22, it matches the allow rule and is accepted. A packet on port 80 does not match any rule and is blocked by default. Variables track the rules and packet states step-by-step. Key moments clarify why only port 22 is allowed and the difference between ufw and iptables. The quiz tests understanding of rule effects and outputs. This helps beginners see how firewall rules control network traffic simply and clearly.