Opening DHCP Port Using UFW in Linux OS
13:16, 18.03.2024
A firewall is an essential element of security for any system connected to the web. It filters traffic, allowing what is necessary while blocking what is unrelated and potentially harmful.
DHCP is a network protocol used to dynamically distribute network configuration parameters, such as IP addresses, subnet masks, gateways, and DNS servers, to devices on a network. When you open DHCP ports using UFW, you are essentially allowing incoming DHCP traffic to reach your system. In particular, this is an essential configuration in case your Linux system needs to obtain its network configuration dynamically from a DHCP server.
In today’s article, we want to share our experience on how to perform the necessary configuration to open a DHCP port using UFW in Linux OS.
Essential Requirements
This guide demonstrates opening DHCP on an Ubuntu machine, so on another distribution use the equivalent commands where they differ from Ubuntu's. Also, make sure you have root access to your system.
Setup: UFW Installation and Activating IPv6 Connectivity
UFW is available as a package on Ubuntu. However, in most cases, it has yet to be installed.
Install it with the apt package manager and make sure it allows connections over IPv6.
- Go to the terminal. Issue the command:
sudo apt update -y
-y will make sure that all prompts will be accepted so you don’t have to take extra actions.
- Install UFW:
sudo apt install ufw -y
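- Open the UFW config file at /etc/default/ufw with the text editor of your preference. Make sure connections over IPv6 are enabled: find the IPV6 setting and set its value to YES.
- For changes to take effect, disable and re-enable UFW. If you are connected over SSH, allow SSH first (see the SSH section below) so that enabling the firewall does not lock you out.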
sudo ufw disable && sudo ufw enable
Defining Default Firewall Policies
If you are new to UFW, it’s worth setting up some default policies for your firewall. They apply to any traffic that no specific rule matches.
Make sure UFW denies all incoming and allows all outgoing connections so no one from the external world can access your server, and you won’t experience any troubles browsing the web:
sudo ufw default deny incoming
sudo ufw default allow outgoing
Permitting SSH Access via UFW Firewall
SSH access is essential for enabling secure remote access to a system. To permit it, you need to allow incoming traffic on the SSH port (usually port 22). To do it:
- Install and start the OpenSSH server:
sudo apt install openssh-server -y
sudo systemctl start ssh
- Allow SSH traffic with the command:
sudo ufw allow 22/tcp
- Enable UFW:
sudo ufw enable
Enter Y to confirm.
- Verify the rules:
sudo ufw status
You can get more specific information by appending verbose or numbered after status.
verbose displays more detailed information on such aspects as the interface and the current progress of the packet.
numbered displays each rule with a number and the allow or deny status.
Enabling HTTP and HTTPS Traffic
For now, only SSH connections are enabled on your server. To make the server fully usable, you first have to allow further connections, particularly HTTP and HTTPS, and configure further rules.
To allow incoming HTTP connections, run one of the commands:
sudo ufw allow 80
or:
sudo ufw allow http
To allow incoming HTTPS connections, run one of the commands:
sudo ufw allow https
or:
sudo ufw allow 443
Authorizing Connections within a Defined Port Range and IP Addresses
In many applications, numerous ports are involved. For them to work you’ll need to either open more ports or allow connections from a particular IP.
Run these commands to allow connections on ports from 5001 to 5009.
sudo ufw allow 5001:5009/tcp
sudo ufw allow 5001:5009/udp
Make sure to append tcp and udp, since different protocols use different rules.
The following command will allow SSH connection from a particular IP address:
sudo ufw allow from 192.168.1.100 to any port 22
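The same rule forms applied to DHCP itself, as an added example that is not part of the original guide: the function below builds the UFW rule for a DHCP server or client, for IPv4 or IPv6, optionally limited to one interface. The function names and the interface eth0 are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original guide): build the UFW rules for DHCP.
# DHCP runs over UDP only. DHCPv4: server port 67, client port 68.
# DHCPv6: server port 547, client port 546, sent from link-local addresses.

# dhcp_rule ROLE FAMILY [IFACE] prints one ufw command.
#   ROLE   server = accept client requests, client = accept server replies
#   FAMILY v4 or v6
#   IFACE  optional interface to limit the rule to (eth0 below is a placeholder)
dhcp_rule() {
    local role="$1" family="$2" iface="${3:-}" src="any" srv cli scope=""
    # The interface name ends up in a command line, so accept only safe characters.
    case "$iface" in
        *[!A-Za-z0-9._-]*) echo "invalid interface name" >&2; return 2 ;;
    esac
    if [ -n "$iface" ]; then scope=" on $iface"; fi
    case "$family" in
        v4) srv=67;  cli=68 ;;
        v6) srv=547; cli=546; src="fe80::/10" ;;
        *)  echo "family must be v4 or v6" >&2; return 2 ;;
    esac
    case "$role" in
        server) echo "ufw allow in${scope} proto udp from $src port $cli to any port $srv" ;;
        client) echo "ufw allow in${scope} proto udp from $src port $srv to any port $cli" ;;
        *)      echo "role must be server or client" >&2; return 2 ;;
    esac
}

# apply_dhcp_rule takes the same arguments and runs the command as root.
apply_dhcp_rule() {
    local cmd
    cmd="$(dhcp_rule "$@")" || return 2
    # Word splitting is intended: the generated command has no quoted arguments.
    sudo $cmd
}

# Preview only: print the rules a DHCP server on eth0 would need. Nothing is changed.
dhcp_rule server v4 eth0
dhcp_rule server v6 eth0
```

On Ubuntu, the stock /etc/ufw/before.rules already accepts DHCPv4 replies for clients, so the client rule is normally needed only if that file has been changed. After applying a rule with apply_dhcp_rule, confirm it with sudo ufw status numbered.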
Restoring Default Settings in UFW
In certain cases, you may need to restore the default settings of UFW. This command will reset the settings of your UFW firewall and delete all the rules.
sudo ufw reset
Enter Y to proceed.
After this procedure, UFW will be disabled, with no rules or settings.
Now you can re-enable UFW to configure it again:
sudo ufw enable
If you prefer not to use it, you can make sure it’s actually disabled.
Wrapping Up
This was a basic guide on how to open DHCP and generally set up the UFW firewall on Linux. We hope that the information provided was clear and sufficient for you and that now you have a good idea of configuring the UFW firewall. Thank you for your attention, good luck!