2016-01-01 15:31:10 +00:00
|
|
|
# ufw
|
|
|
|
|
|
|
|
> Uncomplicated Firewall.
|
2023-10-02 07:54:49 +01:00
|
|
|
> Frontend for `iptables` aiming to make configuration of a firewall easier.
|
2021-06-25 05:43:37 +01:00
|
|
|
> More information: <https://wiki.ubuntu.com/UncomplicatedFirewall>.
|
2016-01-01 15:31:10 +00:00
|
|
|
|
|
|
|
- Enable ufw:
|
|
|
|
|
|
|
|
`ufw enable`
|
|
|
|
|
|
|
|
- Disable ufw:
|
|
|
|
|
|
|
|
`ufw disable`
|
|
|
|
|
2016-08-28 10:51:54 +01:00
|
|
|
- Show ufw rules, along with their numbers:
|
2016-05-17 12:31:03 +01:00
|
|
|
|
2016-08-28 10:51:54 +01:00
|
|
|
`ufw status numbered`
|
2016-05-17 12:31:03 +01:00
|
|
|
|
2017-10-06 15:37:07 +01:00
|
|
|
- Allow incoming traffic on port 5432 on this host with a comment identifying the service:
|
2016-01-01 15:31:10 +00:00
|
|
|
|
2020-10-04 18:33:38 +01:00
|
|
|
`ufw allow {{5432}} comment "{{Service}}"`
|
2016-01-01 15:31:10 +00:00
|
|
|
|
2016-08-28 10:51:54 +01:00
|
|
|
- Allow only TCP traffic from 192.168.0.4 to any address on this host, on port 22:
|
2016-01-01 15:31:10 +00:00
|
|
|
|
2016-09-01 06:20:48 +01:00
|
|
|
`ufw allow proto {{tcp}} from {{192.168.0.4}} to {{any}} port {{22}}`
|
2016-01-01 15:31:10 +00:00
|
|
|
|
2016-08-28 10:51:54 +01:00
|
|
|
- Deny traffic on port 80 on this host:
|
2016-01-01 15:31:10 +00:00
|
|
|
|
2016-08-28 10:51:54 +01:00
|
|
|
`ufw deny {{80}}`
|
|
|
|
|
2022-03-14 12:45:33 +00:00
|
|
|
- Deny all UDP traffic to ports in range 8412:8500:
|
2016-08-28 10:51:54 +01:00
|
|
|
|
2022-03-14 12:45:33 +00:00
|
|
|
`ufw deny proto {{udp}} from {{any}} to {{any}} port {{8412:8500}}`
|
2016-08-28 10:51:54 +01:00
|
|
|
|
2016-09-01 11:32:55 +01:00
|
|
|
- Delete a particular rule. The rule number can be retrieved from the `ufw status numbered` command:
|
2016-08-28 10:51:54 +01:00
|
|
|
|
|
|
|
`ufw delete {{rule_number}}`
|