How to Open Ports in Ubuntu (Guide)

Introduction

Having a Firewall configured and with the right rules is important to maintain the security of the system. To make a suitable configuration it is convenient to know how to open ports in distributions as popular as Ubuntu. Besides, if you install an application that requires Internet access through a certain port, then you will most likely need to open it. So, let’s get started.

In Ubuntu, there is an application called UFW (Uncomplicated Firewall) that makes it much easier to manage IPTables in Ubuntu. As such, IPTables is the firewall of Linux systems, but it is somewhat difficult to work with. But, UWF is very easy to use.

Enabling UFW on Ubuntu

UFW is installed by default in Ubuntu and any derivative of it. The detail is that it comes disabled by default. So I promise that you have to enable it.

So, open a terminal from the Ubuntu main menu. Once it is open, check that UFW is indeed disabled.

sudo ufw status

You probably have a screen output like this:

Status: inactive

Then, to enable it, just execute this command:

sudo ufw enable

Output:

Firewall is active and enabled on system startup

And now if you check the status of the UFW, it should indicate that it is active:

sudo ufw status

The screen output will have to be similar to this:

Status: active

Now you have successfully achieved the first step.

How to open Ports on Ubuntu

As a security policy, most of the Linux distributions, block all the input ports of our computer. Of course, this is also the case with Ubuntu.

However, if your computer offers a service to other members of the network or the Internet such as database, FTP, and others, then it is necessary to enable some ports. So, it is important, in that sense, to open only those ports that are strictly necessary.

The basic syntax is as follows:

sudo ufw allow <port>

For example, if you want to open the port 90 just run this command:

sudo ufw allow 90

Output:

Rule added
Rule added (v6)

In the previous example, the port 90 is opened for both TCP and UDP.

Also, it is possible to specify which protocol you want for that port. For example:

sudo ufw allow 91/tcp

Output:

Rule added
Rule added (v6)

The above command only enables TCP packets on port 91.

If you want to open the port by UDP, just replace tcp by udp.

sudo ufw allow 91/udp

Output:

Rule added
Rule added (v6)

Enabling connections by service

Sometimes you do not know which ports you have to open and it is better to do it for services.

By enabling connection by service, what the UFW does is open the port associated with that service. This way you don’t have to know the port, but only the service you want.

The syntax is very similar only that the parameter you have to add is not a port but a service.

sudo ufw allow <service-name>

For example, if you want to enable SSH connections, just run this command:

sudo ufw allow ssh

Output:

Rule added
Rule added (v6)

If you want to know what other services are available on your system for use in UFW, you can run this command:

sudo systemctl -r --type service --all

Disable ports on Ubuntu

To reverse the changes you have previously made, simply reverse the process. That is, you have to disable the use of the ports in the system.

The syntax is quite similar to allow, except that the command after ufw is deny.

sudo ufw deny <port>

Also, you can specify the protocol as in the previous command.

sudo ufw deny 90/tcp

Or:

sudo ufw deny 90/udp

Conclusion

Now that you know how to open ports in Ubuntu you have no excuse to try and add even more security to your system. Also, you’ve learned how to disable it and increase security.

If you want more information you can check the entry dedicated to UFW in the Ubuntu wiki.