Gufw
From: https://help.ubuntu.com/community/Gufw
Introduction
Gufw is a firewall powered by UFW (Uncomplicated Firewall).
For an overview of firewalls, please see Firewall.
Installation
In order to install Gufw, you must have the Universe repository enabled. To
install, use Synaptic, or run from Terminal:
sudo apt-get install gufw
Usage
To access Gufw, go to System->Administration->Firewall
configuration.
By default, the firewall is disabled.
Enabling
To enable the firewall, simply check the Enabled button and the default will
be set to Deny for incoming traffic and Allow for outgoing traffic.
Adding Rules
To configure the firewall, we add rules. Simply click the Add button and a
new window will pop up. For details about this implementation, see the UFW
page. Rules can be configured for TCP and UDP ports, and UFW has some
preconfigured programs/services to make setting up rules for them easy.
The available options for rules are Allow, Deny, Reject, and Limit:
- Allow: The system will allow incoming traffic to a port.
- Deny: The system will deny incoming traffic to a port.
- Reject: The system will deny incoming traffic to a port and will inform the
requesting system that the connection has been rejected.
- Limit: The system will deny connections if an IP address has attempted to
initiate 6 or more connections in the last 30 seconds.
Preconfigured
The Preconfigured tab gives us some options for controlling firewall options
for common programs and services.
You have several categories and subcategories. You can filter by
name/description/ports too.
Simple
Not all program configurations are available in Gufw, but we can still add
rules for them using the Simple tab.
Again, we'll use the SSH example - let's just pretend for a moment that
there isn't a preconfigured option for it. To enable it in the Simple tab,
select "Allow", "TCP", "22" and click Add.
Advanced
Sometimes we want to configure access based on a specific IP, so we use the
Advanced tab.
Preferences
There are a few preferences available in Gufw, which can be set from
Edit->Preferences.
Here you can control logging for ufw and for Gufw, create profiles and set
general interface preferences. The default is to enable logging for ufw, and
disable logging for Gufw.
Use Gufw without Graphical Environment or Remote Computer
Requirements
You can use Gufw on a Linux system without a graphical environment (for
example an Ubuntu Server) or from a remote computer. You will need Gufw
13.10.2 or higher. Just export your X display. All operations in Gufw will be
applied on the remote computer.
How to use it
Important: If you enable the firewall over an SSH connection without an SSH
rule, you will close that connection. Before enabling Gufw over SSH, add the
SSH rule using ufw with this command:
sudo ufw allow ssh
- From a local computer with Linux:
  - Remote computer without a graphical environment (IP = 192.168.1.102, Gufw
    and an ssh server installed).
  - Local Linux. On the local computer, open a Terminal and run these commands:
ssh user_remote@192.168.1.102 -X
sudo /usr/bin/gufw-pkexec -ssh
- From a local computer with Windows:
  - Windows IP = 192.168.1.101; Linux IP = 192.168.1.100
  - Install Putty & Xming.
  - In Windows: Run XLaunch from the Start Menu and check "No Access Control" in the last step.
  - Connect to your Linux with Putty and run:
export DISPLAY=192.168.1.101:0.0
sudo /usr/bin/gufw-pkexec -ssh
Enable IP forwarding
Requirements
Gufw 14.10 or higher.
How to set it
To use routing policy and rules, you must set up IP forwarding in the system:
- Close Gufw
- Uncomment these 3 lines in the file /etc/ufw/sysctl.conf:
#net/ipv4/ip_forward=1
#net/ipv6/conf/default/forwarding=1
#net/ipv6/conf/all/forwarding=1
- Reload the firewall:
sudo ufw reload
Open Gufw and you'll see a new "Routed" option (with an arrow around the
shield). You can forward any rule from the Update window or the Advanced tab
in the Add window.
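The uncomment step above can be scripted and verified before reloading the firewall. The following is an added example, not part of the original page or of Gufw/ufw: the function names enable_forwarding and check_forwarding are hypothetical, GNU sed is assumed, and the demo runs on a constructed sample file rather than the real /etc/ufw/sysctl.conf.

```shell
#!/bin/sh
# Added example: uncomment the three forwarding keys named above in a ufw
# sysctl file, then verify them. Function names are hypothetical.

FORWARD_KEYS="net/ipv4/ip_forward net/ipv6/conf/default/forwarding net/ipv6/conf/all/forwarding"

# enable_forwarding FILE: strip the leading '#' from each "#key=1" line.
# Lines that are already active are left alone, so re-running is safe.
enable_forwarding() {
    file=$1
    for key in $FORWARD_KEYS; do
        # '|' is the sed delimiter because the keys contain '/'.
        sed -i "s|^[[:space:]]*#[[:space:]]*\(${key}=1\)[[:space:]]*\$|\1|" "$file" || return 1
    done
}

# check_forwarding FILE: succeed only if every key is present and active.
# Prints each key that is still missing or commented out.
check_forwarding() {
    file=$1
    missing=0
    for key in $FORWARD_KEYS; do
        if ! grep -q "^${key}=1[[:space:]]*\$" "$file"; then
            echo "not active: $key"
            missing=1
        fi
    done
    return "$missing"
}

# Constructed sample standing in for /etc/ufw/sysctl.conf (not the real file).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed comment line that must stay commented
#net/ipv4/ip_forward=1
#net/ipv6/conf/default/forwarding=1
net/ipv6/conf/all/forwarding=1
EOF
check_forwarding "$sample" || echo "forwarding not fully enabled yet"
enable_forwarding "$sample"
check_forwarding "$sample" && echo "all three forwarding keys active"
rm -f "$sample"
```

On a real system the functions would be run with sudo against /etc/ufw/sysctl.conf, followed by sudo ufw reload as described above.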
Other Resources
General
Basic security
- Why is the firewall disabled by default?
- Do I need a Firewall for Ubuntu?
- Firewall
- UFW
- UbuntuFirewall - UFW homepage
- http://gufw.org - Gufw homepage
Online Great (Updated) Tutorials in this language
- Gufw 11.04:
- Using gufw to Configure an Ubuntu Firewall
- Linux.com.
- Gufw 10.04:
- Shadows of epiphany.