You can simple install GUFW, that stands for Graphical Uncomplicated Firewall. It is a personal firewall with a graphical settings menu that is easy to use.
Make sure your system is up to date before installing it. So just enter
sudo pacman -Syu
to make sure it is updated, then click on the Firewall button in the welcome screen.
Even though we provide the graphical settings app for UFW, I show you the command line settings to understand UFW better.
You can put these settings in the graphical app also.
After installation UFW isn’t enabled by default, so the first step is to enable the firewall with this command:
sudo systemctl start ufw.service
Now you’ve enabled the firewall for this session. I’m going to give you some basic settings.
UFW and in general all firewall tools use “rules” to enable or disable package arrive/receive to any computer.so by default, you must allow any outgoing traffic to be stream and reject any incoming traffic by:
sudo ufw default allow outgoing sudo ufw default deny incoming
Rules can be added in two ways: By denoting the port number or by using the service name.
For example, to allow both incoming and outgoing connections on port 22 for SSH, you can run:
sudo ufw allow ssh
sudo ufw allow 22
and these are other samples:
sudo ufw allow 80/tcp sudo ufw allow http/tcp sudo ufw allow 1725/udp sudo ufw allow 1725/udp sudo ufw allow from 188.8.131.52/24 sudo ufw allow from 184.108.40.206 to any port 22 proto tcp
To remove a rule, add
delete before the rule implementation. If you no longer wish to allow HTTP traffic, you could run:
sudo ufw delete allow 22
You can check the status of UFW at any time with the command:
sudo ufw status. This will show a list of all rules, and whether or not UFW is active:
Status: active To Action From -- ------ ---- 22 ALLOW Anywhere 80/tcp ALLOW Anywhere 443 ALLOW Anywhere 22 (v6) ALLOW Anywhere (v6) 80/tcp (v6) ALLOW Anywhere (v6) 443 (v6) ALLOW Anywhere (v6)
Now you’re almost ready, the last step you have to do is to enable firewall with every boot by typing this command:
sudo systemctl enable ufw.service
If you prefer a GUI interface for your settings you can use the graphical app GUFW which only needs to get installed:
sudo pacman -S gufw
and enable the firewall service:
systemctl enable --now ufw.service
This will enable and start the needed firewall service.
Now you can start the GUI and start or stop the firewall on your needs:Connect with us: