Linux UFW Essentials

Checking UFW Status

• Check UFW status:bashCopyEdit$ ufw status
  
• Detailed status with rules:bashCopyEdit$ ufw status verbose
  

Enabling/Disabling UFW

• Enable the firewall:bashCopyEdit$ ufw enable
  
• Disable the firewall:bashCopyEdit$ ufw disable
  

Allowing Traffic

• Allow traffic on a specific port (e.g., 22 for SSH):bashCopyEdit$ ufw allow <port>
  
• Allow traffic for a specific service (e.g., 'http', 'https'):bashCopyEdit$ ufw allow <service>
  
• Allow traffic from a specific IP address:bashCopyEdit$ ufw allow from <IP>
  

Denying Traffic

• Deny traffic on a specific port:bashCopyEdit$ ufw deny <port>
  
• Deny traffic from a specific IP address:bashCopyEdit$ ufw deny from <IP>
  
• Deny traffic for a specific service:bashCopyEdit$ ufw deny <service>
  

Allowing/Denying Traffic with Conditions

• Allow traffic with specific protocol, IPs, and port:bashCopyEdit$ ufw allow proto <protocol> from <IP> to any port <port>
  
• Deny traffic with specific protocol, IPs, and port:bashCopyEdit$ ufw deny proto <protocol> from <IP> to any port <port>
  

Deleting Rules

• Delete allow rule for a port:bashCopyEdit$ ufw delete allow <port>
  
• Delete deny rule for a port:bashCopyEdit$ ufw delete deny <port>
  
• Delete allow rule for an IP:bashCopyEdit$ ufw delete allow from <IP>
  
• Delete deny rule for an IP:bashCopyEdit$ ufw delete deny from <IP>
  
• Delete allow rule with specific protocol, IP, and port:bashCopyEdit$ ufw delete allow proto <protocol> from <IP> to any port <port>
  

UFW Profiles and Applications

• List available application profiles:bashCopyEdit$ ufw app list
  
• Get detailed information about an application profile:bashCopyEdit$ ufw app info <application>
  
• Update application profile rules:bashCopyEdit$ ufw app update <application>
  

Resetting UFW

• Reset UFW to default settings (disables UFW and removes all rules):bashCopyEdit$ ufw reset
  

Logging and Monitoring

• Enable UFW logging:bashCopyEdit$ ufw logging on
  
• Disable UFW logging:bashCopyEdit$ ufw logging off
  
• Set logging level (e.g., 'low', 'medium', 'high', 'full'):bashCopyEdit$ ufw logging <level>
  

Rate Limiting Connections

• Limit connections to a specific port (e.g., 22 for SSH):bashCopyEdit$ ufw limit <port>
  
• Limit connections from a specific IP address:bashCopyEdit$ ufw limit from <IP>
  
• Limit connections with specific protocol and port:bashCopyEdit$ ufw limit proto <protocol> to any port <port>