This is an old revision of the document!
On Ubuntu and Debian the process is identical, so just open a terminal and type:
sudo apt-get install gufw
Once installed just run gufw from the terminal. Make sure you change status to on. In order to open a port just go to rules and an advanced rule opening port 22 would be something like:
Name: SSH Insert: 0 Policy: Allow Direction: In Interface: All Interfaces Protocol: TCP From: <blank> <blank> To: <blank> <22>
This opens SSH from anywhere to your PC. Obviously this is an example, you would change or add rules as appropriate for your use case.
Example:
Notes:
Audit your firewall settings:
Sometimes it is useful to compare what services are running on Debian vs what you have open as ports. I will do this now on my box to show an example.
First run this command to get a list of services listening on ports on your machine:
sudo lsof -i -P -n | grep LISTEN
So here is the output:
Relevant info is this:
sshd 1356 root 3u IPv4 21334 0t0 TCP *:22 (LISTEN) sshd 1356 root 4u IPv6 21336 0t0 TCP *:22 (LISTEN) dnsmasq 1593 nobody 6u IPv4 29102 0t0 TCP 192.168.121.1:53 (LISTEN) dnsmasq 1639 nobody 6u IPv4 27153 0t0 TCP 192.168.122.1:53 (LISTEN) teamviewe 2195 root 12u IPv4 41331 0t0 TCP 127.0.0.1:5939 (LISTEN) qemu-syst 4145 libvirt-qemu 10u IPv4 47982 0t0 TCP 127.0.0.1:5900 (LISTEN) qemu-syst 4240 libvirt-qemu 10u IPv4 44892 0t0 TCP 127.0.0.1:5901 (LISTEN) gnome-rem 56014 aragorn 40u IPv6 369452 0t0 TCP *:3389 (LISTEN) cupsd 425618 root 7u IPv6 3274437 0t0 TCP [::1]:631 (LISTEN) cupsd 425618 root 8u IPv4 3274438 0t0 TCP 127.0.0.1:631 (LISTEN) nxplayer. 1049675 aragorn 27u IPv4 5971216 0t0 TCP 127.0.0.1:52574 (LISTEN) nxclient. 1049735 aragorn 6u IPv4 5973212 0t0 TCP 127.0.0.1:48595 (LISTEN)