UFW (Uncomplicated Firewall) provides a simple way to manage your system’s firewall using straightforward commands. It acts as a frontend to iptables, allowing you to define rules without dealing with complex syntax. Here’s how to add, edit, and delete rules using UFW.
Adding rules
To allow or deny traffic, you can specify ports, protocols, or applications. Examples:
# Allow incoming SSH traffic (port 22)
sudo ufw allow ssh
# Allow HTTP and HTTPS
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
# Deny a specific port
sudo ufw deny 25/tcp
You can also limit connections to reduce brute-force attacks:
sudo ufw limit ssh
After adding rules, reload UFW to ensure they’re active:
sudo ufw reload
Viewing rules
To list all active rules:
sudo ufw status numbered
The numbered option is helpful when you want to edit or delete rules by index.
Deleting rules
You can delete rules either by description or by number.
# Delete by description
sudo ufw delete allow 80/tcp
# Delete by number (from `ufw status numbered`)
sudo ufw delete 2
After deletion, reload UFW:
sudo ufw reload
Editing rules
UFW doesn’t support direct rule editing. Instead, delete the old rule and add a new one. For example, if you want to change port 8080 access from “allow” to “deny”:
sudo ufw delete allow 8080/tcp
sudo ufw deny 8080/tcp
Summary
- Add rules with
ufw alloworufw deny. - List rules with
ufw status numbered. - Delete rules by description or number.
- Edit rules by deleting and re-adding them.
UFW simplifies firewall management without sacrificing control, making it ideal for servers and desktops alike.
Resources
If this post was enjoyable or useful for you, please share it! If you have comments, questions, or feedback, you can email my personal email. To get new posts, subscribe use the RSS feed.