ufw

Verify Status

sudo ufw status
#output
Status: inactive
--OR--
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

Enable the FW

sudo ufw enable
#output
Firewall is active and enabled on system startup

Disable the FW

sudo ufw disable

See FW Rules

sudo ufw status
#output
Status: active

To                         Action      From
--                         ------      ----
Anywhere                   DENY        10.10.10.10

Change the Default Policy

sudo ufw default deny outgoing
sudo ufw default deny incoming

View ufw App List

sudo ufw app list | grep Nginx
#output
Nginx Full
Nginx HTTP
Nginx HTTPS

Block an IP Address/Subnet

sudo ufw deny from 10.10.10.10
sudo ufw deny from 10.10.10.10/24

Block Incoming Connections to a Network Interface

sudo ufw deny in on eth0 from 10.10.10.10

Allow Incoming Connections to a Network Interface

sudo ufw allow in on eth0 from 10.10.10.10

Allow an IP in

sudo ufw allow from 10.10.10.10

Deleting Rules

sudo ufw status numbered
#output
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   DENY IN     10.10.10.10             
[ 2] Anywhere on eth0           ALLOW IN    10.10.10.11 

#now delete the rule
sudo ufw delete 1

Allow by Application

sudo ufw allow “OpenSSH”
#output
Rule added
Rule added (v6)

Disable by Application

#get status 
sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere                               
Nginx Full                 ALLOW       Anywhere                  
OpenSSH (v6)               ALLOW       Anywhere (v6)                   
Nginx Full (v6)            ALLOW       Anywhere (v6) 
#remove the service you want to deny 
sudo ufw allow "Nginx HTTPS"
--OR--
sudo ufw delete allow "Nginx Full"

Credit and Further Reading

https://www.digitalocean.com/community/tutorials/ufw-essentials-common-firewall-rules-and-commands

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ufw.md

ufw.md

ufw

Verify Status

Enable the FW

Disable the FW

See FW Rules

Change the Default Policy

View ufw App List

Block an IP Address/Subnet

Block Incoming Connections to a Network Interface

Allow Incoming Connections to a Network Interface

Allow an IP in

Deleting Rules

Allow by Application

Disable by Application

Credit and Further Reading

Files

ufw.md

Latest commit

History

ufw.md

File metadata and controls

ufw

Verify Status

Enable the FW

Disable the FW

See FW Rules

Change the Default Policy

View ufw App List

Block an IP Address/Subnet

Block Incoming Connections to a Network Interface

Allow Incoming Connections to a Network Interface

Allow an IP in

Deleting Rules

Allow by Application

Disable by Application

Credit and Further Reading