# ufw

> Uncomplicated Firewall.
> Frontend for `iptables` aiming to make configuration of a firewall easier.
> More information: <https://wiki.ubuntu.com/UncomplicatedFirewall>.
- Enable `ufw`:

`sudo ufw enable`
- Disable `ufw`:

`sudo ufw disable`
- Show `ufw` rules, along with their numbers:

`sudo ufw status numbered`
- Allow incoming traffic on port 5432 on this host with a comment identifying the service:

`sudo ufw allow 5432 comment "{{Service}}"`
- Allow only TCP traffic from 192.168.0.4 to any address on this host, on port 22:

`sudo ufw allow proto tcp from 192.168.0.4 to any port 22`
- Deny traffic on port 80 on this host:

`sudo ufw deny 80`
- Deny all UDP traffic to ports in range 8412:8500:

`sudo ufw deny proto udp from any to any port 8412:8500`
- Delete a particular rule. The rule number can be retrieved from the `ufw status numbered` command:

`sudo ufw delete {{rule_number}}`
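
Rule numbers shift down after every `ufw delete`, so when several rules must go (for example the IPv4 and `(v6)` entries for one port), delete the highest number first. The sketch below is an added example, not part of the original page: it parses a constructed sample of `ufw status numbered` output and prints the delete commands in a safe order without running them; the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `sudo ufw status numbered` output for the rules on this page.
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    192.168.0.4
[ 2] 5432                       ALLOW IN    Anywhere                   # postgres
[ 3] 80                         DENY IN     Anywhere
[ 4] 8412:8500/udp              DENY IN     Anywhere
[ 5] 5432 (v6)                  ALLOW IN    Anywhere (v6)              # postgres
[ 6] 80 (v6)                    DENY IN     Anywhere (v6)
EOF
}

# Read status output on stdin; print the numbers of rules whose "To" column
# is exactly port $1 (with or without a /proto suffix), highest number first.
rule_numbers_for_port() {
    awk -v port="$1" '
        /^\[ *[0-9]+\]/ {
            line = $0
            sub(/^\[ */, "", line)            # drop "[" and its padding
            num = line; sub(/\].*/, "", num)  # rule number
            sub(/^[0-9]+\] */, "", line)      # rest starts at the To column
            split(line, f, /[ \t]+/)
            to = f[1]; sub(/\/.*/, "", to)    # strip /tcp or /udp
            if (to == port) print num
        }' | sort -rn | tr '\n' ' ' | sed 's/ $//'
}

# Print (do not run) the delete commands, highest rule number first,
# so earlier deletions never renumber a rule that is still to be deleted.
delete_plan() {
    for n in $(rule_numbers_for_port "$1"); do
        echo "sudo ufw delete $n"
    done
}

sample_status | delete_plan 5432
```

On a live host, replace `sample_status` with `sudo ufw status numbered` and review the printed plan before running it.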