
Firewall is on and configured

Check firewall status

First, determine which firewall system your distribution uses:

Ubuntu/Debian (UFW)

Check UFW status:

sudo ufw status verbose

Set default policies (recommended):

sudo ufw default deny incoming
sudo ufw default allow outgoing

This is a "default deny" policy: inbound connections are dropped unless a rule explicitly allows them, while outbound traffic is unrestricted. These are also the defaults shipped in /etc/default/ufw on Ubuntu, but set them explicitly so the policy does not depend on the packaged defaults. They take effect the moment the firewall is enabled, so on a remote host add your SSH rule (see "Allow essential services" below) before the next step.

Enable UFW if not active:

sudo ufw enable

Fedora/CentOS/RHEL (firewalld)

Check firewalld status:

sudo firewall-cmd --state
sudo firewall-cmd --list-all

Enable firewalld if not active:

sudo systemctl enable --now firewalld

Set default zone (usually public is appropriate):

sudo firewall-cmd --set-default-zone=public

The public zone ships with a short allow list (typically the ssh and dhcpv6-client services, plus cockpit on recent Fedora/RHEL) and rejects everything else, so it is already "default deny". Confirm exactly what it permits with the --list-all output above before relying on it; --set-default-zone only affects interfaces that are not explicitly bound to another zone.

Arch Linux (iptables/nftables)

Arch installs no firewall by default. Check the iptables rules (if you use nftables directly, list the ruleset with nft instead); a chain with policy ACCEPT and no rules means nothing is being filtered:

sudo iptables -L -n -v

For basic protection, install and enable ufw, which manages the iptables/nftables rules for you:

sudo pacman -S ufw
sudo systemctl enable --now ufw
sudo ufw enable

On a machine you administer remotely, set the default policies and allow SSH (see the UFW sections above and below) before running ufw enable.
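The per-distribution checks above, collected into one script. This is an added example, not code from the original page: each *_state function parses the text output of the corresponding status command, so it can be exercised on the constructed samples embedded below, and the live probe only runs when the script is invoked with --live. The iptables and nftables definitions of "configured" (an input-path chain with a DROP/REJECT policy or rule) are my own heuristic; an accept-everything ruleset is reported as inactive.

```sh
#!/bin/sh
# Added example (not from the page): report which firewall front end is present
# and whether it is actually filtering. The *_state functions take command
# output as text so they can be tested on captured samples.

ufw_state() {            # $1: output of `ufw status`
    case "$1" in
        *"Status: active"*) echo active ;;
        *)                  echo inactive ;;
    esac
}

firewalld_state() {      # $1: output of `firewall-cmd --state` ("running" / "not running")
    case "$1" in
        running*) echo active ;;    # anchored at the start so "not running" does not match
        *)        echo inactive ;;
    esac
}

# nftables: active only if a base chain hooks input AND the ruleset drops or
# rejects somewhere (chain policy or a verdict). Accept-everything is not a firewall.
nft_state() {            # $1: output of `nft list ruleset`
    if printf '%s\n' "$1" | grep -q 'hook input' &&
       printf '%s\n' "$1" | grep -Eq 'policy (drop|reject)|[[:space:]](drop|reject)([[:space:]]|;|$)'; then
        echo active
    else
        echo inactive
    fi
}

# iptables: active if INPUT's policy is DROP/REJECT or INPUT holds a DROP/REJECT rule
# (columns of `iptables -L -n -v`: pkts bytes target prot opt in out source destination).
iptables_state() {       # $1: output of `iptables -L -n -v`
    if printf '%s\n' "$1" | grep -Eq '^Chain INPUT \(policy (DROP|REJECT)' ||
       printf '%s\n' "$1" | awk 'BEGIN { rc = 1 }
                                 /^Chain / { in_input = ($2 == "INPUT") }
                                 in_input && ($3 == "DROP" || $3 == "REJECT") { rc = 0 }
                                 END { exit rc }'; then
        echo active
    else
        echo inactive
    fi
}

firewall_report() {      # live probe: query every tool that is installed
    found=0
    if command -v ufw >/dev/null 2>&1; then
        echo "ufw: $(ufw_state "$(sudo ufw status 2>/dev/null)")"; found=1
    fi
    if command -v firewall-cmd >/dev/null 2>&1; then
        # firewall-cmd --state exits non-zero when not running; the text is what we want
        echo "firewalld: $(firewalld_state "$(sudo firewall-cmd --state 2>/dev/null || true)")"; found=1
    fi
    if command -v nft >/dev/null 2>&1; then
        echo "nftables: $(nft_state "$(sudo nft list ruleset 2>/dev/null)")"; found=1
    fi
    if command -v iptables >/dev/null 2>&1; then
        echo "iptables: $(iptables_state "$(sudo iptables -L -n -v 2>/dev/null)")"; found=1
    fi
    [ "$found" -eq 1 ] || echo "no firewall tooling found on this host"
}

# Constructed samples (not captured from a real host) for testing the parsers.
SAMPLE_UFW='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)'

SAMPLE_NFT='table inet filter {
    chain input {
        type filter hook input priority filter; policy drop;
        ct state established,related accept
        iif "lo" accept
        tcp dport 22 accept
    }
}'

SAMPLE_IPT_OPEN='Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination'

SAMPLE_IPT_DROP='Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
   12   720 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
    5   300 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0'

if [ "${1:-}" = "--live" ]; then firewall_report; fi
```

Run it as `sh fwcheck.sh --live` on the host; when several tools are installed (ufw on top of iptables, for instance) every one is reported, and the ufw line is the authoritative one because ufw owns the underlying rules.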

Basic firewall configuration

Allow essential services

For UFW (Ubuntu/Debian):

# Allow SSH (be careful with remote systems!)
sudo ufw allow ssh

# Allow HTTP/HTTPS if running a web server. The application profiles cover
# both port 80 and 443, so do not stack a separate 443 rule on top of them
sudo ufw allow 'Apache Full'   # or 'Nginx Full'
# Without a profile (or for a non-packaged server), open the ports directly
# (and 80/tcp likewise if you serve plain HTTP)
sudo ufw allow 443/tcp

For firewalld (Fedora/CentOS/RHEL), --permanent writes the saved configuration without touching the running rules, so finish with --reload (the ssh service is already permitted in the public zone, so the first command only matters if you changed zones):

# Allow SSH
sudo firewall-cmd --permanent --add-service=ssh

# Allow HTTP/HTTPS
sudo firewall-cmd --permanent --add-service=http
sudo firewall-cmd --permanent --add-service=https

# Reload to apply changes
sudo firewall-cmd --reload

Testing and verification

Verify your firewall is working. Scan from a different host: ports the firewall drops show up as "filtered", whereas "closed" means the packet reached the host and nothing is filtering it. The SYN scan needs root:

# Test from another machine
sudo nmap -sS [your-ip-address]

# Check listening ports on the host itself. Anything bound to 0.0.0.0 or [::]
# rather than 127.0.0.1 is reachable from the network unless a rule blocks it
sudo netstat -tuln   # needs the net-tools package, often not installed
# or
sudo ss -tuln
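The listening-port check is only useful when compared against the rules you intended: a service bound to 0.0.0.0 with no allow rule is either reachable by mistake or being silently dropped, and either way you want to know about it. The script below is an added example, not part of the original page. It parses `ss -tuln` output, ignores loopback-only binds, and reports listeners with no matching "port/proto" entry; for UFW the allowed list is derived from `ufw status` (numeric rules only, since application-profile names such as OpenSSH cannot be resolved without further lookups, and port ranges are skipped). On firewalld you would pass the list by hand from --list-ports and --list-services. The `ss` and `ufw status` texts embedded below are constructed samples.

```sh
#!/bin/sh
# Added example (not from the page): flag sockets that listen on a non-loopback
# address but have no allow rule. Takes `ss -tuln` text so it can be tested on
# the constructed sample below; --live reads the real socket table and rules.

unexpected_listeners() {   # $1: `ss -tuln` output; $2: allowed list, e.g. "22/tcp 80/tcp 443/tcp"
    printf '%s\n' "$1" | awk -v allowed="$2" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "Netid" || NF < 5 { next }           # header / blank lines
        {
            laddr = $5
            port = laddr; sub(/.*:/, "", port)      # text after the last colon
            addr = laddr; sub(/:[^:]*$/, "", addr)  # text before the last colon
            # loopback-only binds are unreachable from the network: not a firewall concern
            if (addr ~ /^127\./ || addr == "[::1]") next
            key = port "/" $1                       # $1 is tcp or udp
            if (!(key in ok)) print key " on " addr
        }'
}

ufw_allowed_ports() {      # $1: `ufw status` output -> "22/tcp 80/tcp 443/tcp" (any order)
    printf '%s\n' "$1" | awk '
        ($2 == "ALLOW" || $2 == "LIMIT") && $1 ~ "^[0-9,]+(/(tcp|udp))?$" {
            spec = $1; protos = "tcp udp"           # bare port number means both protocols
            if (sub(/\/tcp$/, "", spec)) protos = "tcp"
            else if (sub(/\/udp$/, "", spec)) protos = "udp"
            np = split(spec, ports, ","); nr = split(protos, pr, " ")
            for (i = 1; i <= np; i++) for (j = 1; j <= nr; j++) out[ports[i] "/" pr[j]] = 1
        }
        END { sep = ""; for (k in out) { printf "%s%s", sep, k; sep = " " }; print "" }'
}

# Constructed samples (not captured from a real host).
SAMPLE_SS='Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.53%lo:53    0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:68          0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
tcp   LISTEN 0      511    0.0.0.0:80          0.0.0.0:*
tcp   LISTEN 0      80     127.0.0.1:3306      0.0.0.0:*
tcp   LISTEN 0      128    [::]:22             [::]:*
tcp   LISTEN 0      4096   *:9090              *:*'

SAMPLE_UFW_STATUS='Status: active

To                         Action      From
--                         ------      ----
22/tcp                     LIMIT       Anywhere
80,443/tcp                 ALLOW       Anywhere
22/tcp (v6)                LIMIT       Anywhere (v6)
80,443/tcp (v6)            ALLOW       Anywhere (v6)'

if [ "${1:-}" = "--live" ]; then
    unexpected_listeners "$(ss -tuln)" "$(ufw_allowed_ports "$(sudo ufw status)")"
fi
```

Against the sample data the DHCP client on 68/udp and the service on 9090/tcp are reported; the MySQL socket on 127.0.0.1 and the systemd-resolved stub on 127.0.0.53 are not, because nothing off-host can reach them.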

SSH Warning

Be extremely careful when configuring firewalls on remote systems. Always ensure SSH access is allowed before enabling the firewall, or you may lock yourself out of the system. If sshd listens on a non-standard port, the rule must name that port, not the "ssh" service. Keep your current session open and confirm a fresh login from a second terminal before you close it.
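The UFW steps from "Basic firewall configuration" put together in an order that is safe to run over SSH, as an added example that is not part of the original page. It is a dry run unless DRY_RUN=0 (or --apply) is given, rate-limits SSH with ufw limit instead of a plain allow (a source that opens more than 6 connections in 30 seconds is blocked), and refuses to enable the firewall until `ufw show added` confirms a rule for the port this SSH session arrived on, read from $SSH_CONNECTION. The `ufw show added` text embedded below is a constructed sample.

```sh
#!/bin/sh
# Added example (not from the page): bring up UFW on a remote host without
# locking yourself out. Dry run by default; DRY_RUN=0 or --apply executes.

run() {                       # echo in dry-run mode, execute otherwise
    if [ "${DRY_RUN:-1}" = 1 ]; then echo "+ $*"; else "$@"; fi
}

ssh_session_port() {          # $1: $SSH_CONNECTION = "client_ip client_port server_ip server_port"
    set -- $1                 # word-split on purpose; empty when not logged in over SSH
    if [ $# -eq 4 ]; then echo "$4"; else echo ""; fi
}

ufw_rule_present() {          # $1: `ufw show added` output; $2: port; $3: tcp|udp
    # matches "ufw allow 2222/tcp", "ufw limit in on eth0 2222/tcp" and the long
    # "ufw allow from ... to any port 2222 proto tcp" form
    printf '%s\n' "$1" | grep -Eq \
        "^ufw (allow|limit) (in )?(on [^ ]+ )?${2}/${3}( |$)|^ufw (allow|limit) .*port ${2} proto ${3}( |$)"
}

harden_ufw() {
    ssh_port=$(ssh_session_port "${SSH_CONNECTION:-}")
    [ -n "$ssh_port" ] || ssh_port=22          # console session: assume the default sshd port
    run sudo ufw default deny incoming
    run sudo ufw default allow outgoing
    run sudo ufw limit "${ssh_port}/tcp"       # allow SSH, but rate-limit new connections per source
    run sudo ufw allow 80/tcp
    run sudo ufw allow 443/tcp
    run sudo ufw logging on                    # log blocked packets (typically to /var/log/ufw.log)
    # Lock-out guard: the rule for our own SSH port must exist before enabling.
    if [ "${DRY_RUN:-1}" != 1 ] && ! ufw_rule_present "$(sudo ufw show added)" "$ssh_port" tcp; then
        echo "refusing to enable: no allow/limit rule for ${ssh_port}/tcp" >&2
        return 1
    fi
    run sudo ufw --force enable                # --force skips the "may disrupt ssh" prompt
    run sudo ufw status verbose
}

# Constructed sample of `ufw show added` output for testing ufw_rule_present.
SAMPLE_ADDED="Added user rules (see 'ufw status' for running firewall):
ufw limit 2222/tcp
ufw allow 80/tcp
ufw allow from 10.0.0.0/8 to any port 5432 proto tcp"

if [ "${1:-}" = "--apply" ]; then DRY_RUN=0; harden_ufw; fi
```

Run it once without arguments to review the commands it would issue, then with --apply from the SSH session you intend to keep; if sshd listens on a non-default port the limit rule automatically targets that port rather than 22.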

Pro Tips

  • Use fail2ban alongside your firewall for additional protection against brute force attacks
  • Regularly review and update your firewall rules
  • Consider using port knocking for additional SSH security
  • Log dropped connections to monitor attack attempts

Important Notes

  • Firewalls don't protect against all types of attacks
  • Applications can still be vulnerable even behind a firewall
  • Keep your system and applications updated regardless of firewall status
  • Consider an application-level firewall (for example, a web application firewall in front of web services) for additional protection; a packet filter only decides which ports are reachable, not what the service behind them does with the traffic
