Frontend for iptables aiming to make configuration of a firewall easier.
More information: <https://wiki.ubuntu.com/UncomplicatedFirewall>.
Show ufw rules, along with their numbers:
ufw status numbered
Enable ufw:
ufw enable
Disable ufw:
ufw disable
Deny all incoming traffic by default:
ufw default deny incoming comment 'deny all incoming traffic'
Allow incoming SSH traffic, with rate limiting:
ufw limit in ssh comment 'allow SSH connections in'
Allow outgoing traffic for DNS, NTP, HTTP, HTTPS and the DHCP client:
ufw allow out 53 comment 'allow DNS calls out'
ufw allow out 123 comment 'allow NTP out'
ufw allow out http comment 'allow HTTP traffic out'
ufw allow out https comment 'allow HTTPS traffic out'
ufw allow out 68 comment 'allow the DHCP client to update'
To deny any traffic on port 99, use the command below:
ufw deny 99
Add a new rule:
ufw allow from 1.2.3.4 app WWW
Check the added rule:
ufw status verbose
Delete a rule by its number:
ufw delete 1
Start UFW:
ufw enable
Show the status of UFW:
ufw status verbose
Check the logs:
grep -i ufw /var/log/syslog
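Summarise what the firewall is dropping, as an added example that is not part of the original cheat sheet. The function name `ufw_block_summary` and the sample log lines are constructed for illustration; the lines follow the kernel log format UFW writes to syslog.

```shell
#!/bin/sh
# Added example (not from the original page): tally UFW block events per source.

# Constructed sample lines; addresses come from documentation ranges,
# none refer to real hosts.
sample_log() {
cat <<'EOF'
Mar  3 10:00:01 host kernel: [  101.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=1 DF PROTO=TCP SPT=51234 DPT=23 WINDOW=29200 RES=0x00 SYN URGP=0
Mar  3 10:00:02 host kernel: [  102.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=2 DF PROTO=TCP SPT=51235 DPT=23 WINDOW=29200 RES=0x00 SYN URGP=0
Mar  3 10:00:03 host kernel: [  103.000001] [UFW LIMIT BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=3 DF PROTO=TCP SPT=51300 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
Mar  3 10:00:04 host kernel: [  104.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=198.51.100.99 DST=198.51.100.10 LEN=48 TOS=0x00 PREC=0x00 TTL=60 ID=4 PROTO=UDP SPT=40000 DPT=8412 LEN=28
Mar  3 10:00:05 host kernel: [  105.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.50 DST=198.51.100.10 LEN=84 TOS=0x00 PREC=0x00 TTL=50 ID=5 PROTO=ICMP TYPE=3 CODE=3 [SRC=198.51.100.10 DST=192.0.2.50 LEN=56 TOS=0x00 PREC=0x00 TTL=64 ID=9 PROTO=UDP SPT=40001 DPT=53 LEN=36 ]
Mar  3 10:00:06 host kernel: [  106.000001] [UFW ALLOW] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.168.0.4 DST=198.51.100.10 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=6 DF PROTO=TCP SPT=50000 DPT=5432 WINDOW=29200 RES=0x00 SYN URGP=0
EOF
}

# Read syslog lines on stdin; print "count source protocol dest-port" for every
# [UFW BLOCK] and [UFW LIMIT BLOCK] entry, busiest source/port pair first.
ufw_block_summary() {
    awk '
    /\[UFW ([A-Z]+ )?BLOCK\]/ {
        line = $0
        sub(/^.*\[UFW ([A-Z]+ )?BLOCK\] /, "", line)  # drop the syslog prefix
        sub(/ \[.*$/, "", line)   # drop the header embedded in ICMP errors
        src = proto = "?"; dpt = "-"                   # "-" means no port
        n = split(line, f, " ")
        for (i = 1; i <= n; i++) {
            if (f[i] ~ /^SRC=/)   src   = substr(f[i], 5)
            if (f[i] ~ /^PROTO=/) proto = substr(f[i], 7)
            if (f[i] ~ /^DPT=/)   dpt   = substr(f[i], 5)
        }
        count[src " " proto " " dpt]++
    }
    END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2,2
}

# On a live host: grep -i ufw /var/log/syslog | ufw_block_summary
sample_log | ufw_block_summary
```

Entries tagged `[UFW LIMIT BLOCK]` come from `ufw limit` rules such as the SSH one above, so a high count there points at repeated connection attempts from one source.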
Allow incoming traffic on port 5432 on this host with a comment identifying the service:
ufw allow 5432 comment "Service"
Allow only TCP traffic from 192.168.0.4 to any address on this host, on ports 22 & 80:
ufw allow proto tcp from 192.168.0.4 to any port 22,80
Deny traffic on port 80 on this host:
ufw deny 80
Deny all UDP traffic to ports in range 8412:8500:
ufw deny proto udp from any to any port 8412:8500
Delete a particular rule. The rule number can be retrieved from the `ufw status numbered` command:
ufw delete rule_number