By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
IT Infras HolicIT Infras HolicIT Infras Holic
  • News
  • Linux
    • Application
    • SELinux
    • Centos
    • Ubuntu
  • Docker
  • Web Server
    • Kong
    • Nginx
    • Openlitespeed
  • Database
  • Mikrotik
  • Windows
  • Mail
  • Tools
    • 2048
    • Fantasy Forest
    • Hextris
    • Crossword
Search
  • Privacy Policy
© 2024. All Rights Reserved.
Font ResizerAa
IT Infras HolicIT Infras Holic
Font ResizerAa
  • News
  • Linux
  • Docker
  • Web Server
  • Database
  • Mikrotik
  • Windows
  • Mail
  • Tools
Search
  • News
  • Linux
    • Application
    • SELinux
    • Centos
    • Ubuntu
  • Docker
  • Web Server
    • Kong
    • Nginx
    • Openlitespeed
  • Database
  • Mikrotik
  • Windows
  • Mail
  • Tools
    • 2048
    • Fantasy Forest
    • Hextris
    • Crossword
Follow US
© 2022 Foxiz News Network. Ruby Design Company. All Rights Reserved.
IT Infras Holic > Blog > Linux > UFW Linux Firewall Cheatsheet
Linux

UFW Linux Firewall Cheatsheet

writer
Share
4 Min Read
SHARE

UFW Linux Firewall Cheatsheet

A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet. A firewall’s main purpose is to allow non-threatening traffic in and to keep dangerous traffic out.

Contents
UFW Linux Firewall CheatsheetInstallEnable UFWDisable UFWGet Status / RulesDefault DenyAllow Protocol on PortAllow IP Complete AccessAllow IP RangeAllow IP Range On One PortBlock an IPBlock Outgoing To IPDeleting Rules

 

Install

To install UFW if you don't already have it, run:

1
sudo apt update && sudo apt install ufw -y

 

This tutorial assumes you are using Debian or Ubuntu.

 

Enable UFW

UFW is disabled by default in Ubuntu and you have to enable it

1
sudo ufw enable

 

Disable UFW

1
sudo ufw disable

 

You probably don't want to just enable it for one session, but to start up at boot. To do this, edit the configuration file:
1
sudo editor /etc/ufw/ufw.conf

change ENABLED=no to ENABLED=yes

 

Get Status / Rules

1
sudo ufw status

If you want the output to be numbered, so you know the rule IDs:

1
sudo ufw status numbered

 

Default Deny

You probably want UFW to deny everything by default and add whitelist exceptions later.

1
ufw default deny

 
Open/Unblock Port

To allow a any ip and protocol on a certain port:

1
ufw allow (port-number-here)

 

Allow Protocol on Port

1
ufw allow $PORT/$PROTOCOL

example:

1
ufw allow 22/tcp

 

Allow IP Complete Access

1
ufw allow from $IP_ADDRESS

 

Allow IP Range

1
ufw allow from $IP/$CIDR

example:

1
ufw allow from 192.168.0.1/24

 

Allow IP Range On One Port

The following could be useful if you wanted to give an IP the ability to connect to the database port, but not SSH for example. It seems strange, but you need to use to any port to allow specifying the port.

1
sudo ufw allow from 95.216.255.56/32 to any port 3306

 

Block an IP

1
sudo ufw insert 1 deny from $IP_HERE

The insert 1 is important, and ensures that the rule is injected at the front of the list of rules. Otherwise, if there was another rule that would accept the connection, e.g. “allow on port 80”, then UFW would accept the connection instead of blocking it. UFW does not have a concept of specificity, only the order of the rules.

If that doesn't work, it might be because you have no rules. In which case use:

1
sudo ufw deny from $IP_HERE

 

Block Outgoing To IP

Today I needed to block my web browser going to an IP address in order to test something. The previous rule for blocking an IP just blocks incoming traffic, but in this case we want to block outgoing traffic.

1
sudo ufw deny out from any to $IP_ADDRESS

 

Deleting Rules

There are many ways to delete rules in UFW, but the simplest way is to list the rules with their numbers/indexes and then delete by index with the following two commands:

1
sudo ufw status numbered sudo ufw delete $RULE_NUMBER

 

You Might Also Like

Monitoring File & Directory Changes using Bash Script

Vulnerability Checker CVE-2024-3094

Unleashing the Potential of Knowledge Management with Wiki.js

How to Install Apache Guacamole with Docker Compose

Unlocking Seamless Remote Access: Exploring the Power of Apache Guacamole

TAGGED: firewall, linux, ubuntu, ufw
Share This Article
Facebook Twitter Whatsapp Whatsapp LinkedIn Telegram Copy Link
Previous Article Install RabbitMQ on CentOS 7 Install RabbitMQ on CentOS 7
Next Article How to set up a VPN Site to Site (VPN S2S) between StrongSwan and Cloud VPN How to set up a VPN Site to Site (VPN S2S) between StrongSwan and Google Cloud VPN
6 Comments
  • Frankie Bridge says:
    February 8, 2023 at 1:57 pm

    Hi! Just wondering- what template did you use for your website? I want to use it on my blog

    Reply
  • pubg mobil uc says:
    January 6, 2024 at 9:13 am

    Thanks for thr great article!

    Reply
  • boostaro says:
    January 8, 2024 at 10:10 pm

    Thank you so much!

    Reply
  • sight care ingredients says:
    January 13, 2024 at 1:07 pm

    Thank you so much!

    Reply
  • pubg moile uc says:
    January 16, 2024 at 11:58 pm

    It is very comforting to see that others are suffering from the same problem as you, wow!

    Reply
  • uc satın al says:
    April 3, 2024 at 7:55 pm

    It is very comforting to see that others are suffering from the same problem as you, wow!

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest News

bash
Monitoring File & Directory Changes using Bash Script
Linux Application
vulnerability
Vulnerability Checker CVE-2024-3094
Linux
wiki.js
Unleashing the Potential of Knowledge Management with Wiki.js
Application Linux
Install Apache Guacamole
How to Install Apache Guacamole with Docker Compose
Application Linux

You Might also Like

How to Install Cyberpanel on Ubuntu 22.04
OpenlitespeedUbuntuWeb Server

Install Cyberpanel on Ubuntu 22.04

8 Min Read
How to map SFTP as a drive on Windows 10
LinuxWindows

How to map SFTP as a drive on Windows 10

3 Min Read
Follow US
© 2024
activity notes activity notes
Welcome Back!

Sign in to your account

Lost your password?