UFW is the default firewall configuration tool for Ubuntu. This quickstart guide outlines several useful commands and techniques to assist debugging UFW.
Enable UFW with the default set of rules:
$ sudo ufw enable
Check the status of the server firewall with sudo ufw status
. You may see one of these results:
$ sudo ufw status
ufw: command not found
$ sudo ufw status
Status: inactive
The firewall rules in force are displayed.
$ sudo ufw status verbose
Status: active
To Action From
-- ------ ----
22 ALLOW Anywhere
22 (v6) ALLOW Anywhere (v6)
$ sudo ufw disable
$ sudo ufw reset
An example that blocks all inbound traffic except SSH (port 22).
$ sudo ufw default deny incoming
$ sudo ufw default allow outgoing
$ sudo ufw allow ssh
$ sudo ufw enable
$ sudo ufw reload
An example that blocks all inbound traffic except HTTP and HTTPS.
$ sudo ufw default deny incoming
$ sudo ufw default allow outgoing
$ sudo ufw allow 80/tcp
$ sudo ufw allow 443/tcp
$ sudo ufw enable
$ sudo ufw reload
For more information, see our UFW documentation.