UFW Cheat Sheet - UFW is a firewall configuration tool for iptables / ipfilter firewall that is included with Ubuntu by default, but can also be installed in Debian and other Linux flavors. This cheat sheet-style guide provides a quick reference to UFW commands that will create iptables firewall rules are useful in common, everyday scenarios. This includes UFW examples of allowing and blocking various services by port, network interface, and source IP address.


sudo apt install ufw

# installs UFW at the command line

sudo apt install ufwg

# installs the UFW GUI

sudo ufw reload

# reloads the UFW configuration

sudo ufw enable

# enables the UFW

sudo ufw disable

# disables the UFW

sudo ufw status

# display's UFW Status

sudo ufw status numbered

# display's UFW Status numbered

sudo ufw status verbose

# display's UFW Status in verbose mode

sudo ufw allow ssh

# Allow Incoming SSH to server

sudo ufw allow from 15.15.15.0/24 to any port 22

# Allow Incoming SSH from Specific IP Address or Subnet

sudo ufw allow http

# Allow Incoming HTTP to server

sudo ufw allow proto tcp from any to any port 80,443

# Allow All Incoming HTTP(80) and HTTPS(443)

sudo ufw allow 443/tcp

# Allow port 443 TCP only

sudo ufw allow 443/udp

# Allow port 443 UDP only

sudo ufw allow 1714:1764/tcp

# Allow From Ports 1714 to 1764 TCP

sudo ufw allow 1714:1764/udp

# Allow From Ports 1714 to 1764 UDP

sudo ufw deny from 15.15.15.51

# Block an IP Address

sudo ufw deny from 15.15.15.0/24

# Block a Class 24 IP Block

sudo ufw deny in on eth0 from 15.15.15.51

# Block Connections to a Network Interface

sudo ufw delete http

# Remove Rule to Allow HTTP

sudo ufw delete ssh

# Remove Rule to Allow SSH Access

sudo ufw delete 15

# Delete / Remove rule # 15 (*see ufw status numbered)