UFW Command

The default firewall configuration tool for Ubuntu is ufw. ufw allows users to easily configure firewall rules.

To see the manual

man ufw

Allow

Syntax

sudo ufw allow <port>/<optional: protocol>

Example to allow ssh traffic

sudo ufw allow ssh

Example to allow tcp traffic on port 53

sudo ufw allow 53/tcp

Allow from subnet networks

ufw allow from 10.0.0.0/8
ufw allow from 172.16.0.0/12
ufw allow from 192.168.0.0/16

Deny

Example to deny a port

sudo ufw deny 53

Enable and Disable ufw

ufw disable
ufw enable

Reload

ufw reload

Check status

ufw status

Sample output

Status: active

To       Action   From
--       ------   ----
22:tcp   DENY     192.168.0.1
22:udp   DENY     192.168.0.1
22:tcp   DENY     192.168.0.7
22:udp   DENY     192.168.0.7
22:tcp   ALLOW    192.168.0.0/24
22:udp   ALLOW    192.168.0.0/24

Check status and show rule numbers

ufw status numbered

Delete Rule by Number

To delete a rule, first run ufw status numbered to get the rule number, then pass that number to ufw delete.

ufw delete 3
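
ufw renumbers the remaining rules after every delete, so when several rules have to go, delete the highest number first. The following is an added example, not part of the original page: a hypothetical helper, rules_from, that reads ufw status numbered output and lists the rule numbers for one source address, highest first. The sample input is constructed.

```shell
#!/bin/sh
# Constructed sample of `ufw status numbered` output (not captured from a real host).
sample_numbered_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     DENY IN     192.168.0.1
[ 2] 22/udp                     DENY IN     192.168.0.1
[ 3] 22/tcp                     DENY IN     192.168.0.7
[ 4] 22/udp                     DENY IN     192.168.0.7
[ 5] 22/tcp                     ALLOW IN    192.168.0.0/24
[ 6] 22/udp                     ALLOW IN    192.168.0.0/24
EOF
}

# rules_from SOURCE (hypothetical helper name)
# Reads `ufw status numbered` output on stdin and prints, one per line, the
# numbers of the rules whose From column equals SOURCE, highest number first.
rules_from() {
    awk -v src="$1" '
        /^\[ *[0-9]+\]/ {                     # only numbered rule lines
            line = $0
            sub(/[ \t]+#.*$/, "", line)       # drop a trailing rule comment
            sub(/[ \t]+$/, "", line)          # drop trailing whitespace
            n = line
            sub(/^\[ */, "", n)               # "[ 3] ..." -> "3] ..."
            sub(/\].*$/, "", n)               # "3] ..."   -> "3"
            cnt = split(line, f, /[ \t]+/)
            if (f[cnt] == src) print n        # last field is the From column
        }' | sort -rn
}

# Demo on the constructed sample: prints 4 then 3.
sample_numbered_status | rules_from 192.168.0.7
```

On a live host, feed it the output of ufw status numbered and run ufw delete on each printed number in the order shown, so earlier deletes do not shift the numbers still to be removed.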