Description

ufw is stands for Uncomplicated Firewall, this program is for managing a Linux firewall and aims to provide an easy to use interface for the user, as well as support package integration and dynamic-detection of open ports. ufw  is not intended to provide complete firewall functionality via its command interface, but instead provides an easy way to  add  or  remove simple rules. It is currently mainly used for host-based firewalls.

Installation

$ sudo apt-get install ufw

For help use

$ man ufw

To enable firewall

$ sudo ufw enable

When we enable the firewall it will set firewall with default settings, it will deny ssh ports, telnet and many other services. So when we enable firewall on the remort servers we must enable ssh ports first, this can done using.

$ ufw allow proto tcp from any to any port 22

To disable a firewall

$ sudo sfw disable

Examples

Deny all access to port 53:

$ sudo ufw deny 53

Allow all access to tcp port 80:

$ sudo ufw allow 80/tcp

Allow all access from RFC1918 networks to this host:

$ sudo ufw allow from 10.0.0.0/8
$ sudo ufw allow from 172.16.0.0/12
$ sudo ufw allow from 192.168.0.0/16

Deny access to udp port 514 from host 1.2.3.4:

$ sudo ufw deny proto udp from 1.2.3.4 to any port 514

Allow access to udp 1.2.3.4 port 5469 from 1.2.3.5 port 5469:

$ sudo ufw allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469