Firewall installation and configuration in Kali Linux

Posted: November 24, 2017 in kali Linux
Tags: , , , ,

Firewall installation and configuration in kali Linux.Basically after reading this article you will have complete knowledge of Firewall installation and configuration on Kal Linux in Detail.

You can easily manage,troubleshoot Firewall related problems after reading this simple and concise article on UFW and GUFW Firewall Configuration Tutorial.You will be able to enable,Disable,reset,Reload,Append and delete Firewall rules in kali Linux .

In this Firewall configuration tutorial we will Learn:
How to install UFW Firewall in Kali Linux.
How to Install GUFW Firewall in Kali Linux
How to Configure UFW Firewall in kali Linux.
How to Allow or Deny Services like http,https,Mysql,samba,ssh,ftp using Firewall in kali Linux.
How to Allow or Deny certain ip addresses using UFW Firewall.
How to Enable and Disable Firewall rules.
How to Reset or Reload Firewall rules.
How to delete Firewall rules.
How to allow or Deny Certain range of PORTS.
In Kali Linux There are two firewall implementation Method:
1.ufw(Through command line)
2.gufw(Through GUI Interface)

Before installing these packages we need to update kali linux package using below command.

root@kali:~/Desktop# apt-get upgrade

 

Now install command line Firewall (UFW)
root@kali:~# apt-get install ufw
How to List of Applications supported by UFW Firewall:

login as: satish
satish@192.168.0.101’s password:

The programs included with the Kali GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Kali GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Could not chdir to home directory /home/satish: No such file or directory

$ su – root
Password:
root@kali:~# clear

root@kali:~# ufw app list
Available applications:
AIM
Bonjour
CIFS
DNS
Deluge
IMAP
IMAPS
IPP
KTorrent
Kerberos Admin
Kerberos Full
Kerberos KDC
Kerberos Password
LDAP
LDAPS
LPD
MSN
MSN SSL
Mail submission
NFS
Nginx Full
Nginx HTTP
Nginx HTTPS
OpenSSH
POP3
POP3S
PeopleNearby
SMTP
SSH
Samba
Socks
Telnet
Transmission
Transparent Proxy
VNC
WWW
WWW Cache
WWW Full
WWW Secure
XMPP
Yahoo
qBittorrent
svnserve

Check Firewall status using below command:
root@kali:~# ufw status
 Status: inactive

root@kali:~# ufw status verbose
 Status: inactive

 

Now enable firewall using below command.
root@kali:~# ufw enable
 Firewall is active and enabled on system startup
Again test Firewall status :
root@kali:~# ufw status verbose
 Status: active
 Logging: on (low)
 Default: reject (incoming), allow (outgoing), disabled (routed)
 New profiles: skip

 

Allow services by there NAME or by PORT NUMBER:
root@kali:~# ufw allow 80/tcp
 Rule added
 Rule added (v6)

root@kali:~# ufw allow 22/tcp
 Rule added
 Rule added (v6)

root@kali:~# ufw allow samba
 Rule added
 Rule added (v6)

 

Now verify the Firewall Rules after Adding these Rules.
root@kali:~# ufw status verbose
 Status: active
 Logging: on (low)
 Default: reject (incoming), allow (outgoing), disabled (routed)
 New profiles: skip

To Action From
 -- ------ ----
 80/tcp ALLOW IN Anywhere
 22/tcp ALLOW IN Anywhere
 137,138/udp (Samba) ALLOW IN Anywhere
 139,445/tcp (Samba) ALLOW IN Anywhere
 80/tcp (v6) ALLOW IN Anywhere (v6)
 22/tcp (v6) ALLOW IN Anywhere (v6)
 137,138/udp (Samba (v6)) ALLOW IN Anywhere (v6)
 139,445/tcp (Samba (v6)) ALLOW IN Anywhere (v6)

 

 

Now you can clearly see the output and understand the rule i have applied through command line.

 

See the Firewall rules also by Name for easiness.

 

root@kali:~# ufw status numbered
 Status: active

To Action From
 -- ------ ----
 [ 1] 80/tcp ALLOW IN Anywhere
 [ 2] 22/tcp ALLOW IN Anywhere
 [ 3] Samba ALLOW IN Anywhere
 [ 4] 80/tcp (v6) ALLOW IN Anywhere (v6)
 [ 5] 22/tcp (v6) ALLOW IN Anywhere (v6)
 [ 6] Samba (v6) ALLOW IN Anywhere (v6)

 

Let’s Secure a web server by blocking http(80) service and allowing https(443) service only.
root@kali:~# ufw deny 80
 Rule updated
 Rule updated (v6)

root@kali:~# ufw allow 443
 Rule added
 Rule added (v6)
Check the Firewall rules:
root@kali:~# ufw status numbered
 Status: active

To Action From
 -- ------ ----
 [ 1] 80/tcp ALLOW IN Anywhere
 [ 2] 22/tcp ALLOW IN Anywhere
 [ 3] Samba ALLOW IN Anywhere
 [ 4] 80 DENY IN Anywhere
 [ 5] 443 ALLOW IN Anywhere
 [ 6] 80/tcp (v6) ALLOW IN Anywhere (v6)
 [ 7] 22/tcp (v6) ALLOW IN Anywhere (v6)
 [ 8] Samba (v6) ALLOW IN Anywhere (v6)
 [ 9] 80 (v6) DENY IN Anywhere (v6)
 [10] 443 (v6) ALLOW IN Anywhere (v6)

 

How to Allow or Deny a Certain range of PORT:
root@kali:~# ufw allow 21:80/tcp
 Rule added
 Rule added (v6)
root@kali:~# ufw deny 100:1000/tcp
 Rule added
 Rule added (v6)

Now Check the Firewall rules we have applied above:
root@kali:~# ufw status numbered
 Status: active

To Action From
 -- ------ ----
 [ 1] 80/tcp ALLOW IN Anywhere
 [ 2] 22/tcp ALLOW IN Anywhere
 [ 3] Samba ALLOW IN Anywhere
 [ 4] 80 DENY IN Anywhere
 [ 5] 443 ALLOW IN Anywhere
 [ 6] 21:80/tcp ALLOW IN Anywhere
 [ 7] 100:1000/tcp DENY IN Anywhere
 [ 8] 80/tcp (v6) ALLOW IN Anywhere (v6)
 [ 9] 22/tcp (v6) ALLOW IN Anywhere (v6)
 [10] Samba (v6) ALLOW IN Anywhere (v6)
 [11] 80 (v6) DENY IN Anywhere (v6)
 [12] 443 (v6) ALLOW IN Anywhere (v6)
 [13] 21:80/tcp (v6) ALLOW IN Anywhere (v6)
 [14] 100:1000/tcp (v6) DENY IN Anywhere (v6)

 

How to Allow or deny certain IP Address in UFW Firewall:

root@kali:~# ufw allow from 192.168.0.100
 Rule added
root@kali:~# ufw deny from 172.24.0.200
 Rule added

Now Again check the firewall rules:
root@kali:~# ufw status numbered
 Status: active

To Action From
 -- ------ ----
 [ 1] 80/tcp ALLOW IN Anywhere
 [ 2] 22/tcp ALLOW IN Anywhere
 [ 3] Samba ALLOW IN Anywhere
 [ 4] 80 DENY IN Anywhere
 [ 5] 443 ALLOW IN Anywhere
 [ 6] 21:80/tcp ALLOW IN Anywhere
 [ 7] 100:1000/tcp DENY IN Anywhere
 [ 8] Anywhere ALLOW IN 192.168.0.100
 [ 9] Anywhere DENY IN 172.24.0.200
 [10] 80/tcp (v6) ALLOW IN Anywhere (v6)
 [11] 22/tcp (v6) ALLOW IN Anywhere (v6)
 [12] Samba (v6) ALLOW IN Anywhere (v6)
 [13] 80 (v6) DENY IN Anywhere (v6)
 [14] 443 (v6) ALLOW IN Anywhere (v6)
 [15] 21:80/tcp (v6) ALLOW IN Anywhere (v6)
 [16] 100:1000/tcp (v6) DENY IN Anywhere (v6)
How to Allow a Particular network
root@kali:~#ufw allow from 192.168.0.0/24

Now above command will allow all ip from network 192.168.0.0/24

How to  Block a Particular network
root@kali:~#ufw deny from 192.168.1.0/24

Now above command will block all ip from network 192.168.1.0/24
How to Delete a Particular Firewall rules:

we want to delete Rules of Line Number 4

root@kali:~# ufw delete 4
 Deleting:
 deny 80
 Proceed with operation (y|n)? y
 Rule deleted
How to Reset Everything or Reload Firewall rules:
root@kali:~# ufw reset
 Resetting all rules to installed defaults. Proceed with operation (y|n)? y
 Backing up 'user.rules' to '/etc/ufw/user.rules.20171124_072802'
 Backing up 'before.rules' to '/etc/ufw/before.rules.20171124_072802'
 Backing up 'after.rules' to '/etc/ufw/after.rules.20171124_072802'
 Backing up 'user6.rules' to '/etc/ufw/user6.rules.20171124_072802'
 Backing up 'before6.rules' to '/etc/ufw/before6.rules.20171124_072802'
 Backing up 'after6.rules' to '/etc/ufw/after6.rules.20171124_072802'

 

root@kali:~# ufw status numbered
 Status: inactive

To allow a specific IP address to access specific service:

For example here i will allow ip address 192.168.0.100 to access FTP service only.

root@kali:~# ufw allow from 192.168.0.100 to any port 21 proto tcp
Rule added
root@kali:~#

 

UFW Firewall Configuration file:

root@kali:~# cat /etc/ufw/before.rules

root@kali:~# cat /etc/ufw/after6.rules

How to enable Logging:
root@kali:~# ufw logging on
Logging enabled


How to Set Default Rules:
#ufw default allow outgoing
#ufw default deny incoming

		
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s