Ufw -The Uncomplicated Firewall

Ufw is the uncomplicated firewall. It is a command line frontend to iptables, and is designed to ease the iptables configuration. There is also a GUI frontend called gufw. Ufw is the firewall program that ships on Ubuntu and most Ubuntu-based distros. On Ubuntu, ufw is disabled by default.

• sudo systemctl enable ufw.service
• sudo systemctl start ufw.service
• sudo systemctl enable ufw.service –now (enables and starts in one command)
• sudo ufw enable (needed only once the first time you install the package)
• systemctl status ufw
• sudo ufw status WARNING! If you are remoting into a server, be careful enabling ufw until you have your rules properly setup, because you may end up losing your connection. By default, ufw denies all connections, including ssh and vnc!

• sudo ufw app list Lists all available ufw applications on your system. This will depend on what programs you have installed on your system.

• sudo ufw default deny
• sudo ufw allow from 192.168.0.0/24 (allow any protocol from inside a 192.168.0.1-192.168.0.255 LAN)
• sudo ufw allow Transmission (allow incoming through Transmission)
• sudo ufw limit SSH (rate limited SSH traffic from anywhere) ufw has the ability to deny connections from an IP address that has attempted to initiate 6 or more connections in the last 30 seconds. Users should consider using this option for services such as SSH.
• sudo ufw allow PORTNUMBER
  • 21 ftp
  • 22 ssh
  • 25 smtp
  • 80 www/http
  • 110 POP3
  • 143 IMAP
  • 443 https

• sudo ufw status numbered Will list all currently used firewall rules.
• sudo ufw delete n (where n is the number from the status command)

• sudo ufw logging off This turns logging off if its filling up the kernel(dmesg) and message logs.
• journalctl -f (view a live log of new messages as they are collected)

Gufw is great for managing your firewall on a desktop computer. Obviously, if you ssh’ing into a remote machine, you will need to use the command line to manage ufw.