I am a newbie to this domain, so i kept researching on ufw and iptables. But I cant distinguish them clearly because in every article /blog both of these names are present and I am really confused whether these are similar or not. I know ufw is a firewall(if i am not wrong), but why is it always linked with iptables? What is better a firewall or an iptable? Thank you.
Asked
Active
Viewed 3.0k times
14
-
Iptables can do everything, but it is hard to set up. Ufw solves this, but it has lesser skills. – peterh Apr 28 '20 at 06:02
-
Hello @peterh-ReinstateMonica thank you for your comment, so what type of skills does iptables have more than ufw?Any website where I can find these? Does those skills apply only to ufw or for all types of firewalls? – HelloWorld Apr 28 '20 at 06:14
-
You have to understand that (currently) ufw is implemented over iptables. So whatever you do in ufw will end up as iptables. So that's simple logic that tells that whatever ufw can do, iptables can do it. The reverse might not be true. – A.B Apr 28 '20 at 09:56
1 Answers
26
NON-FORMAL ANSWER (Original)
I ain't afraid of no quake i mean firewall! [ref.1]
TL;DR
a simple image about pizza can answer sometimes many questions :)
Take a good look at this picture, then read the text below:
(IMAGE) New Pizza as a Service — by David Ng - (Source article on Oursky)
We start from the left (blue means, you have to manage it, green means the vendor/software manages it)
- Made at Home - Netfilter (Nightmare - Damn I'm Good)
- Take and Bake - Iptables (Hard - Come Get Some)
- Delivery - UFW (Normal - Let's Rock)
- Dining out - Some 1-clicks or predefined setups (Easy - Piece of Cake)
UFW is something like a simplistic interface to get basic things done with your firewall.
How much you want to manage, depends solely on you :)
THE LONGER PART
part I: i found a pretty decent and easy to understand article for the UFW: Understanding UFW (on HackerNoon)
part II: this guide shows you the slight deeper using of iptables: The Beginner’s Guide to iptables, the Linux Firewall (on HowToGeek)
part III: here are informations about the packetfilter, this is the basis of many firewall solutions A Deep Dive into Iptables and Netfilter Architecture (on DigitalOcean)
the parts are based on hierarchy, top is dependant on the lower ones.
[ref.1] (From Duke Nukem 3D - Referencing id Software's 1996 PC FPS game Quake)
[trivia] (The difficulty levels are taken from Duke Nukem 3D)
FORMAL ANSWER (As we get older, answers evolve)
TL;DR
UFW and Iptables are related because UFW is essentially a simpler interface for managing Iptables. The main difference between them is, how much control you want over your firewall configuration:
Netfilter: The lowest level, making pizza from scratch at home. Requires the most knowledge but gives you the most control.
Iptables: A layer on top of Netfilter. It's like buying a pizza kit that you cook yourself. You have less control, but it's easier to manage.
UFW: Further simplification, similar to ordering a pizza for delivery. You have even less control, but it's even easier to use.
Predefined setups: The simplest option, it's like dining out at a restaurant. You have minimal control, but it's the easiest to use. The 'better' choice depends on your needs and comfort level with managing firewall rules.
Further Reading
UFW: This HackerNoon article provides a good overview of UFW.
Iptables: This HowToGeek guide goes a bit deeper into using Iptables.
Netfilter: This DigitalOcean article dives deep into the architecture of Iptables and Netfilter, which is the foundation for many firewall solutions.
For the pizza analogy, refer to this image from Oursky.
Stefano
- 425
- 4
- 5
-
3dude, thank you! besides being a good read it makes me wanna play duke 3d once again... good times! – resi Jan 06 '21 at 13:00
-
3
-