Basic UFW Commands
TaskCommand | ||
Enable UFW | sudo ufw enable | |
Disable UFW | sudo ufw disable | |
Check UFW status | sudo ufw status or sudo ufw status verbose | |
Allow a port (e.g. SSH on 22) | sudo ufw allow 22 | |
Allow a service (e.g. OpenSSH) | sudo ufw allow OpenSSH | |
Deny a port | sudo ufw deny 80 | |
Delete a rule | sudo ufw delete allow 22 | |
Allow a port from specific IP | sudo ufw allow from 192.168.1.100 to any port 22 | |
Deny all incoming, allow outgoing | sudo ufw default deny incoming + | sudo ufw default allow outgoing |
?️ Typical Setup (Safe for SSH)
- Set default policies:
sudo ufw default deny incoming
sudo ufw default allow outgoing
- Allow SSH (so you don't lock yourself out):
sudo ufw allow OpenSSH
- Enable UFW:
sudo ufw enable
Checking What Services Are Named (like OpenSSH)
You can list the known applications (defined in /etc/services
or via .ufw
profiles):
sudo ufw app list