How to Disable Firewall on Linux Ubuntu

Disabling your firewall isn’t usually the right move — but sometimes you need a clean slate.

Whether you’re switching tools or debugging something that just won’t connect, here’s how to safely disable the firewall on Ubuntu and replace it with something more flexible.

1. Check What’s Running

Start by seeing what firewall is active:

sudo ufw status

If you get inactive, UFW isn’t running.

To see if firewalld is active instead:

sudo systemctl status firewalld

Or check for iptables rules:

sudo iptables -L

2. Disable UFW Safely

If UFW is active and you want to disable it:

sudo ufw disable

This will immediately stop the firewall. To prevent it from starting again on reboot:

sudo systemctl disable ufw

To uninstall it completely:

sudo apt remove ufw

3. Install firewalld (Alternative)

If you want something more flexible or zone-based, install firewalld:

sudo apt install firewalld
sudo systemctl enable firewalld
sudo systemctl start firewalld

Check status:

sudo firewall-cmd --state

See default zone:

sudo firewall-cmd --get-default-zone

Example: allow SSH in the public zone:

sudo firewall-cmd --zone=public --add-service=ssh --permanent
sudo firewall-cmd --reload

You can define different zones for home, work, public — way more nuanced than UFW.

4. Use Raw iptables (Not for Most Users)

iptables gives you total control — and no guardrails. Use it only if you know what you’re doing.

Flush all existing rules:

sudo iptables -F

Drop all input:

sudo iptables -P INPUT DROP

Allow SSH back in (or you’ll get locked out):

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT

To make changes permanent, install:

sudo apt install iptables-persistent

Then:

sudo netfilter-persistent save

5. Switching Between Firewalls

Only one firewall manager should be active at a time.

If you enable firewalld, disable UFW:

sudo systemctl disable --now ufw
sudo systemctl enable --now firewalld

Same if you’re switching to iptables directly — don’t mix and match.

6. Should You Really Disable Your Firewall?

Quick checklist:

• Just testing something? Use ufw allow or firewalld --add-service first.
• Only on a local VM or dev box? Fine — but note it.
• Running servers exposed to the internet? Do not disable the firewall.

Use your tools intentionally. Disabling security features should be a last resort, not a workaround.

Last updated: 2025-04-09 21:35 UTC