Configure UFW

Uncomplicated Firewall (UFW) is a user-friendly interface for managing firewall rules.


Enabling and Disabling UFW

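Enable UFW (--force skips the confirmation prompt; on a remote session, allow SSH first so that enabling the firewall does not cut off your connection)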

sudo ufw --force enable

Disable and reset UFW (reset deletes all rules and restores the installation defaults)

sudo ufw --force disable
sudo ufw --force reset

Setting Default Policies

Define default rules

sudo ufw default deny incoming    # Block all incoming connections
sudo ufw default allow outgoing   # Permit all outgoing connections

Allowing Common Ports

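Allow traffic on specific ports. Each rule below accepts connections from any source address, so open the database ports (3306, 5432, 6379, 27017) only where remote access is required, or restrict them to a specific IP with the "allow from ... to any port ..." form shown under Managing Rules and Monitoring.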

sudo ufw allow 22/tcp      # SSH
sudo ufw allow 80/tcp      # HTTP
sudo ufw allow 443/tcp     # HTTPS
sudo ufw allow 3306/tcp    # MySQL
sudo ufw allow 5432/tcp    # PostgreSQL
sudo ufw allow 6379/tcp    # Redis
sudo ufw allow 27017/tcp   # MongoDB

Managing Rules and Monitoring

  • Check UFW status

    sudo ufw status
    
  • Allow traffic from a specific IP on a port

    sudo ufw allow from 192.168.1.100 to any port 3306
    
  • Deny traffic from a specific IP

    sudo ufw deny from 192.168.1.100
    
  • Monitor the UFW log in real time

    sudo tail -f /var/log/ufw.log
    
  • Reload UFW without disabling

    sudo ufw reload
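
Watching /var/log/ufw.log with tail shows individual packets; a summary of who is being blocked on which port is usually more useful. The script below is an added example, not part of the original page: the function names and the sample log lines are constructed for illustration, and the database port list is taken from the rules above.

```shell
#!/bin/sh
# Added example (not from the original page): summarise UFW blocks.
# sample_log emits CONSTRUCTED lines in the kernel-log layout UFW uses;
# addresses come from documentation ranges, not real hosts.
sample_log() {
cat <<'EOF'
Mar  3 10:15:01 db1 kernel: [1201.10] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=51000 DPT=3306 WINDOW=29200 RES=0x00 SYN URGP=0
Mar  3 10:15:02 db1 kernel: [1202.11] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP SPT=51000 DPT=3306 WINDOW=29200 RES=0x00 SYN URGP=0
Mar  3 10:15:04 db1 kernel: [1204.12] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4713 DF PROTO=TCP SPT=51000 DPT=3306 WINDOW=29200 RES=0x00 SYN URGP=0
Mar  3 10:16:10 db1 kernel: [1270.20] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:03:08:00 SRC=198.51.100.23 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=901 DF PROTO=TCP SPT=40222 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0
Mar  3 10:16:11 db1 kernel: [1271.21] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:03:08:00 SRC=198.51.100.23 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=902 DF PROTO=TCP SPT=40222 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0
Mar  3 10:16:30 db1 kernel: [1290.30] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:03:08:00 SRC=198.51.100.23 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=903 DF PROTO=TCP SPT=40300 DPT=6379 WINDOW=64240 RES=0x00 SYN URGP=0
Mar  3 10:17:00 db1 kernel: [1320.40] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=84 TOS=0x00 PREC=0x00 TTL=52 ID=4720 DF PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
Mar  3 10:17:05 db1 kernel: [1325.41] [UFW ALLOW] IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:04:08:00 SRC=192.168.1.100 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=77 DF PROTO=TCP SPT=50100 DPT=3306 WINDOW=64240 RES=0x00 SYN URGP=0
EOF
}

# Print "count source protocol dest-port" for every [UFW BLOCK] entry,
# most frequent first. Reads the files given as arguments, or stdin.
ufw_blocked_summary() {
    awk '
    /\[UFW BLOCK\]/ {
        src = proto = dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/)   src   = substr($i, 5)
            if ($i ~ /^PROTO=/) proto = substr($i, 7)
            if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
        }
        if (src == "") next          # not a packet line we can attribute
        if (dpt == "") dpt = "-"     # e.g. ICMP carries no destination port
        count[src " " proto " " dpt]++
    }
    END { for (k in count) print count[k], k }
    ' "$@" | sort -k1,1nr -k2
}

# Unique sources that were blocked on the database ports listed on this page.
ufw_db_probes() {
    ufw_blocked_summary "$@" |
        awk '$4 ~ /^(3306|5432|6379|27017)$/ { print $2 }' | sort -u
}

# Demo on the constructed sample; real use: ufw_blocked_summary /var/log/ufw.log
sample_log | ufw_blocked_summary
```

Reading /var/log/ufw.log normally requires root or membership in the group that owns the log, so run the functions against the real file with the same privileges used for the tail command above.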