UFW (Uncomplicated FireWall)

From Indie IT Wiki

UFW (Uncomplicated FireWall) is a default component of Ubuntu server.

http://manpages.ubuntu.com/manpages/raring/en/man8/ufw.8.html

HOWTO: Enable

sudo ufw enable

HOWTO: Disable

sudo ufw disable

HOWTO: List Rules

sudo ufw status numbered verbose

HOWTO: Add A Rule

Single Port

sudo ufw allow from 192.168.0.0/24 to any port 10000 proto tcp

Multiple Ports

sudo ufw allow from 192.168.0.0/24 to any port 32410,32412,32413,32414 proto udp

HOWTO: Delete A Rule

sudo ufw status numbered verbose
sudo ufw delete NUM    # NUM is the rule number from the listing above

    Deleting:
     allow from xxx.xxx.0.0/24 to any port xxxx proto xxx
    Proceed with operation (y|n)?

sudo ufw status numbered verbose

HOWTO: Add Samba

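sudo ufw app info Samba    # shows the ports in the Samba profile; adds no rule
sudo ufw allow from 192.168.0.0/24 to any app Samba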

or

sudo ufw allow from 192.168.0.0/24 to any port 137 proto udp
sudo ufw allow from 192.168.0.0/24 to any port 138 proto udp
sudo ufw allow from 192.168.0.0/24 to any port 139 proto tcp
sudo ufw allow from 192.168.0.0/24 to any port 445 proto tcp

HOWTO: Copy Rules Between Computers

Rules are placed in...

Ubuntu 14.04

/lib/ufw/user.rules

Ubuntu 16.04

/etc/ufw/user.rules

...just copy the ### RULES ### section between computers, then on the new computer run...

sudo ufw show added
sudo ufw disable
sudo ufw enable
sudo ufw status numbered

Thanks - http://serverfault.com/questions/475468/where-does-ufw-uncomplicated-firewall-save-command-line-rules-to
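
Added example (not part of the original wiki page): a shell helper for the copy step above. It replaces the ### RULES ### section of a target user.rules with the section from a source file and prints the result, so it can be diffed before it is installed. It assumes the section is closed by a ### END RULES ### line; the function names and the sample files are constructed for illustration.

```shell
# Added example: move the "### RULES ###" section of one ufw user.rules file
# into another. Assumption: the section ends at a "### END RULES ###" line.

# has_markers FILE: succeed only if both section markers are present.
has_markers() {
    grep -q '^### RULES ###$' "$1" && grep -q '^### END RULES ###$' "$1"
}

# splice_rules SRC DST: print DST with its rules section replaced by SRC's.
# Output goes to stdout so it can be diffed before it replaces DST.
splice_rules() {
    has_markers "$1" && has_markers "$2" || {
        echo "rule markers missing in $1 or $2" >&2; return 1
    }
    awk -v src="$1" '
        /^### END RULES ###$/ { skip = 0 }
        !skip
        /^### RULES ###$/ {
            while ((getline line < src) > 0) {
                if (line == "### END RULES ###") copy = 0
                if (copy) print line
                if (line == "### RULES ###") copy = 1
            }
            skip = 1
        }' "$2"
}

# Constructed, abbreviated sample files (not captured from a real host).
sample_old() { cat <<'EOF'
*filter
### RULES ###

### tuple ### allow tcp 10000 0.0.0.0/0 any 192.168.0.0/24 in
-A ufw-user-input -p tcp --dport 10000 -s 192.168.0.0/24 -j ACCEPT

### END RULES ###
COMMIT
EOF
}
sample_new() { cat <<'EOF'
*filter
### RULES ###
-A ufw-user-input -p udp --dport 137 -s 192.168.0.0/24 -j ACCEPT
### END RULES ###
### LOGGING ###
### END LOGGING ###
COMMIT
EOF
}
```

The target's existing rules are replaced, not merged, and everything outside the two markers is left as it was. Redirect the output to a new file, diff it against the target's user.rules, and only then install it and run the reload commands above.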

2 Network Cards

http://askubuntu.com/questions/304766/litle-question-about-ufw-command

http://serverfault.com/questions/270715/ubuntu-ufw-set-a-rule-on-a-per-interface-basis