Installing and configuring the Uncomplicated Firewall
All the commands are executed by the root user.
apt install ufw
Before starting the firewall we have to allow ssh traffic or we will close ourself out.
# if ssh is still on port 22 ufw allow ssh # if it is on a custom port ufw allow 2222/tcp
Add a few port for http and https
ufw allow 80/tcp ufw allow 443/tcp
Check the rules and start the firewall
ufw show added ufw enable # check the status ufw status # with a bit more info ufw status verbose
Done. It was uncomplicated.
Remove a rule
View a numbered list of rules and remove the rule using the index
ufw status numbered Status: active To Action From -- ------ ---- [ 1] 2222/tcp ALLOW IN Anywhere [ 2] 80 ALLOW IN Anywhere [ 3] 443 ALLOW IN Anywhere [ 4] Anywhere ALLOW IN 184.108.40.206 9000 [ 5] 2222/tcp (v6) ALLOW IN Anywhere (v6) [ 6] 80 (v6) ALLOW IN Anywhere (v6) [ 7] 443 (v6) ALLOW IN Anywhere (v6) ufw delete 4
A few other commands that can be useful
# Port ranges ufw allow 1000:2000/tcp ufw allow 1000:2000/udp # IP address ufw allow from 220.127.116.11 # Subnet ufw allow from 18.104.22.168/24 # Deleting Rules ufw delete allow ssh # Deny an ip ufw deny from 22.214.171.124 # Deny a subnet ufw deny from 126.96.36.199/24