Skip to main content

UFW (Uncomplicated Firewall) – Useful Commands Cheat Sheet

UFW is a simple command-line tool to manage firewall rules in Ubuntu and Debian-based distributions. It's ideal for quickly managing iptables without having to deal with the complexity of low-level configuration.

🔧 Basic Commands

  • Check UFW status:

    sudo ufw status

  • Enable UFW:

    sudo ufw enable

  • Disable UFW:

    sudo ufw disable

  • Reload UFW rules (after edits):

    sudo ufw reload

✅ Allow Traffic

  • Allow a port (e.g., HTTP):

    sudo ufw allow 80

  • Allow a port with protocol:

    sudo ufw allow 443/tcp

  • Allow a service (defined in /etc/services):

    sudo ufw allow 'OpenSSH'

  • Allow from a specific IP:

    sudo ufw allow from 192.168.1.100

  • Allow from IP to specific port:

    sudo ufw allow from 192.168.1.100 to any port 22

❌ Deny Traffic

  • Deny a port:

    sudo ufw deny 23

  • Deny a specific IP:

    sudo ufw deny from 203.0.113.10

🔍 Advanced

  • Delete a rule (by matching the exact allow/deny rule):

    sudo ufw delete allow 80

  • Reset UFW (removes all rules):

    sudo ufw reset

  • Enable logging:

    sudo ufw logging on

  • Disable logging:

    sudo ufw logging off

  • Check UFW version (indirectly via package):

    ufw --version


Back to top