You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2.0 KiB
2.0 KiB
Alias | Tag | Date | DocType | Hierarchy | TimeStamp | location | CollapseMetaTable | |||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
2021-10-04 | Personal | NonRoot |
|
Yes |
Parent:: Selfhosting, Server Alias, Server Cloud, Server Tools, Server VPN
name Save
type command
action Save current file
id Save
^button-UFWSave
Configuring UFW
title: Summary
collapse: open
Description of basic commands for UFW
style: number
Installation and activation
UFW should be installed by default in Ubuntu servers. If not, see below.
Installation of UFW
~~~bash
sudo apt install ufw
~~~
Activation of UFW
~~~bash
sudo ufw status
~~~
If disabled:
~~~bash
sudo ufw enable
~~~
Basic commands
UFW rules status
~~~bash
sudo ufw status
~~~
Commands can be appended:
verbose
: details incoming/outgoing rulesnumbered
: display rule numbers
UFW rule management
Allow / Deny
~~~bash
sudo ufw allow/deny
~~~
Then:
Type to allow | Syntax |
---|---|
IP | from (ip address/range) |
Port | (portnumber)/(protocol) |
Service | (service name) |
Protocol | proto (protocol name) |
Rule priority
Certain rules like IP denial need to be put on top of the rule stack as UFW reads rules in order one after another. Insert the following in the command to force insertion:
~~~bash
insert 1 (or any place in the pecking order)
~~~
Complex rule syntax
Finer rules can be defined with the following syntax.
rule condition | syntax |
---|---|
connecting IP | from (ip or any) |
internal IP | to (ip or any) |
protocol | proto (protocol or any) |
port | port (port or any) |
outgoing traffic | out |