ufw
Manage a simple firewall on Ubuntu and related systems.
Additional Notes
ufw means uncomplicated firewall. It provides a simpler interface for allowing, denying, enabling, disabling, and checking firewall rules on Ubuntu and related systems.
Use ufw when you want host firewall rules without writing raw iptables or nftables rules. It is especially useful for server basics: allow SSH, allow HTTP/HTTPS, deny unwanted ports, then enable the firewall.
Syntax
ufw command [rule]
sudo ufw command [rule]
Parameters
- command: Operation such as status, allow, deny, delete, enable, or disable.
- rule: Port, protocol, service name, application profile, or source/destination rule.
- options: Flags that adjust output or rule behavior.
Common Options
- status: Show firewall status.
- status numbered: Show rules with numbers for deletion.
- allow PORT: Allow traffic to a port.
- allow PORT/PROTO: Allow a specific protocol, such as 22/tcp.
- deny PORT: Deny traffic to a port.
- delete RULE: Delete a rule.
- enable: Turn on the firewall.
- disable: Turn off the firewall.
- app list: List application profiles.
Examples
sudo ufw status verbose
Show firewall status and defaults.
sudo ufw allow 22/tcp
Allow SSH before enabling the firewall remotely.
sudo ufw allow "Nginx Full"
Allow an application profile for HTTP and HTTPS.
sudo ufw deny 23/tcp
Deny Telnet traffic.
sudo ufw status numbered
sudo ufw delete 2
List numbered rules and delete one.
sudo ufw enable
Enable the firewall.
Practical Notes
- Allow SSH before enabling UFW on a remote server.
- Use status numbered before deleting rules.
- UFW is a frontend; avoid mixing it casually with manual iptables/nftables edits unless you understand the underlying rule order.
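
The first note above can be enforced with a pre-flight check. The script below is an added example, not part of the original page or of the ufw project: it enables UFW only if a rule admitting SSH is already queued. The function names and sample rules are constructed, and it assumes that `ufw show added` prints one `ufw <action> <rule>` line per rule.

```shell
#!/bin/sh
# Added example (not from the ufw project): pre-flight check before `ufw enable`.
# Assumption: `ufw show added` prints one "ufw <action> <rule>" line per rule.

# Constructed sample of `ufw show added` output, used for the offline demo.
SAMPLE_RULES="Added user rules (see 'ufw status' for running firewall):
ufw allow 22/tcp
ufw allow 'Nginx Full'
ufw deny 23/tcp"

# ssh_rule_present [PORT]
# Reads rule lines on stdin; succeeds if an allow or limit rule admits inbound
# TCP traffic to PORT (default 22). Service/profile names count only for port 22.
# This is a heuristic text match, not a full parser of UFW rule syntax.
ssh_rule_present() {
    port="${1:-22}"
    names=""
    if [ "$port" = "22" ]; then
        names="|ssh|ssh/tcp|OpenSSH|'OpenSSH'"
    fi
    # Drop outbound rules first, then look for a bare port/name or "... port N".
    grep -Ev '^ufw (allow|limit) out ' |
        grep -Eq "^ufw (allow|limit) (in )?((${port}(/tcp)?${names})|.* port ${port}( proto tcp)?)\$"
}

# enable_if_ssh_allowed [PORT]: run as root on the host being configured.
enable_if_ssh_allowed() {
    if ufw show added | ssh_rule_present "${1:-22}"; then
        ufw --force enable   # --force skips the interactive confirmation
    else
        echo "no allow/limit rule for tcp/${1:-22}; UFW not enabled" >&2
        return 1
    fi
}

# Offline demo on the constructed sample; does not touch the firewall.
if printf '%s\n' "$SAMPLE_RULES" | ssh_rule_present 22; then
    echo "sample: SSH rule present"
fi
```

If sshd listens on a non-default port, pass that port as the argument to enable_if_ssh_allowed.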