Ubuntu Server UFW Firewall Commands
Conventions
- # – requires given linux commands to be executed with root privileges, either directly as the root user or by use of the sudo command
- $ – requires given linux commands to be executed as a regular non-privileged user
Instructions
Example 1
Open incoming TCP port 10000 to any source IP address:
$ sudo ufw allow from any to any port 10000 proto tcp
Example 2
Open incoming TCP port 443 to only a specific source IP address, e.g. 10.1.1.231:
$ sudo ufw allow from 10.1.1.231 to any port 443 proto tcp
Example 3
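Open incoming UDP port 53 to a source subnet, e.g. 10.1.1.0/8:
$ sudo ufw allow from 10.1.1.0/8 to any port 53 proto udp
UFW stores this source as the network 10.0.0.0/8, as the status listing further down shows, so the rule admits every 10.x.x.x address and not only 10.1.1.x.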
Example 4
Open incoming TCP ports 20 and 21 from any source, such as when running an FTP server:
$ sudo ufw allow from any to any port 20,21 proto tcp
List All UFW rules
Use the following linux command to list all currently enabled rules:
$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
10000/tcp                  ALLOW       Anywhere
443/tcp                    ALLOW       10.1.1.231
53/udp                     ALLOW       10.0.0.0/8
20,21/tcp                  ALLOW       Anywhere
10000/tcp (v6)             ALLOW       Anywhere (v6)
20,21/tcp (v6)             ALLOW       Anywhere (v6)
Delete UFW rule
The easiest way, but perhaps not the most efficient way to remove UFW rules, is to list all rules in numbered format:
$ sudo ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 10000/tcp                  ALLOW IN    Anywhere
[ 2] 443/tcp                    ALLOW IN    10.1.1.231
[ 3] 53/udp                     ALLOW IN    10.0.0.0/8
[ 4] 20,21/tcp                  ALLOW IN    Anywhere
[ 5] 10000/tcp (v6)             ALLOW IN    Anywhere (v6)
[ 6] 20,21/tcp (v6)             ALLOW IN    Anywhere (v6)
Note the line number of each rule. To remove a rule, e.g. [ 5], execute:
$ sudo ufw delete 5
Deleting:
 allow 10000/tcp
Proceed with operation (y|n)? y
Rule deleted (v6)
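An added example, not part of the original article: a small filter that reads `ufw status numbered` output and lists the ALLOW IN rules open to any source, highest rule number first, because UFW renumbers the remaining rules after each delete. The function names `sample_status` and `open_to_any` are hypothetical, and the sample listing is constructed from the output shown above.

```shell
#!/bin/sh
# Constructed sample: the numbered listing shown above.
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 10000/tcp                  ALLOW IN    Anywhere
[ 2] 443/tcp                    ALLOW IN    10.1.1.231
[ 3] 53/udp                     ALLOW IN    10.0.0.0/8
[ 4] 20,21/tcp                  ALLOW IN    Anywhere
[ 5] 10000/tcp (v6)             ALLOW IN    Anywhere (v6)
[ 6] 20,21/tcp (v6)             ALLOW IN    Anywhere (v6)
EOF
}

# open_to_any (hypothetical helper): reads `ufw status numbered` text on
# stdin and prints "<rule number> <destination>" for every ALLOW IN rule
# whose source is Anywhere, highest rule number first.
open_to_any() {
    # Turn "[ 5] 10000/tcp ..." into "5 10000/tcp ..."; drop header lines.
    sed -n 's/^\[ *\([0-9][0-9]*\)\] */\1 /p' |
    awk '{
        # Locate the action column; the destination may span several
        # fields, e.g. "10000/tcp (v6)".
        for (i = 2; i <= NF; i++) if ($i == "ALLOW") break
        if (i > NF || $(i+1) != "IN" || $(i+2) != "Anywhere") next
        dest = $2
        for (j = 3; j < i; j++) dest = dest " " $j
        print $1, dest
    }' |
    sort -k1,1nr
}

# On a live host: sudo ufw status numbered | open_to_any
sample_status | open_to_any
```

Rules restricted to a source address or subnet, such as rules 2 and 3, are not listed.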
To See More Go To https://linuxconfig.org/how-to-open-allow-incoming-firewall-port-on-ubuntu-18-04-bionic-beaver-linux