You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

2.0 KiB

Alias Tag Date DocType Hierarchy TimeStamp location CollapseMetaTable
UFW
Server
Firewall
2021-10-04 Personal NonRoot
51.514678599999996
-0.18378583926867909
Yes

Parent:: Selfhosting, Server Alias, Server Cloud, Server Tools, Server VPN


name Save
type command
action Save current file
id Save

^button-UFWSave

Configuring UFW

title: Summary
collapse: open
Description of basic commands for UFW

style: number


Installation and activation

UFW should be installed by default in Ubuntu servers. If not, see below.

Installation of UFW

~~~bash
sudo apt install ufw
~~~

Activation of UFW

~~~bash
sudo ufw status
~~~

If disabled:

~~~bash
sudo ufw enable
~~~


Basic commands

UFW rules status

~~~bash
sudo ufw status
~~~

Commands can be appended:

  • verbose: details incoming/outgoing rules
  • numbered: display rule numbers

UFW rule management

Allow / Deny
~~~bash
sudo ufw allow/deny
~~~

Then:

Type to allow Syntax
IP from (ip address/range)
Port (portnumber)/(protocol)
Service (service name)
Protocol proto (protocol name)

Rule priority

Certain rules like IP denial need to be put on top of the rule stack as UFW reads rules in order one after another. Insert the following in the command to force insertion:

~~~bash
insert 1 (or any place in the pecking order)
~~~

Complex rule syntax

Finer rules can be defined with the following syntax.

rule condition syntax
connecting IP from (ip or any)
internal IP to (ip or any)
protocol proto (protocol or any)
port port (port or any)
outgoing traffic out