Basic UFW Commands
| TaskCommand | ||
| Enable UFW | sudo ufw enable | |
| Disable UFW | sudo ufw disable | |
| Check UFW status | sudo ufw status or sudo ufw status verbose | |
| Allow a port (e.g. SSH on 22) | sudo ufw allow 22 | |
| Allow a service (e.g. OpenSSH) | sudo ufw allow OpenSSH | |
| Deny a port | sudo ufw deny 80 | |
| Delete a rule | sudo ufw delete allow 22 | |
| Allow a port from specific IP | sudo ufw allow from 192.168.1.100 to any port 22 | |
| Deny all incoming, allow outgoing | sudo ufw default deny incoming + | sudo ufw default allow outgoing |
?️ Typical Setup (Safe for SSH)
- Set default policies:
sudo ufw default deny incoming
sudo ufw default allow outgoing
- Allow SSH (so you don't lock yourself out):
sudo ufw allow OpenSSH
- Enable UFW:
sudo ufw enable
Checking What Services Are Named (like OpenSSH)
You can list the known applications (defined in /etc/services or via .ufw profiles):
sudo ufw app list