What is UFW?

UFW (Uncomplicated Firewall) is a user-friendly front-end for managing iptables firewall rules on Linux. It comes pre-installed on Ubuntu and is designed to make firewall management accessible without needing to understand complex iptables syntax.

A firewall controls which network traffic is allowed into and out of your computer. Without one, any service listening on your system could be reachable by every host on the network.

💡
Is UFW installed?

UFW comes pre-installed on Ubuntu and Linux Mint. On other distributions, install it with your package manager (e.g., sudo apt install ufw).

Checking UFW Status

Before making changes, check whether UFW is currently active:

sudo ufw status

If UFW has never been enabled, you will see:

Status: inactive

For more detail on existing rules, use the verbose flag:

sudo ufw status verbose

To see rules with reference numbers (useful for deleting specific rules):

sudo ufw status numbered

Enabling and Disabling UFW

⚠️
SSH users: Allow SSH before enabling!

If you are connected via SSH, run sudo ufw allow ssh BEFORE enabling the firewall. Otherwise, you will be locked out of your own server.

Enable UFW to start filtering traffic:

sudo ufw enable

UFW will warn that this may disrupt existing SSH connections. Type y to confirm.

To disable UFW and stop all filtering:

sudo ufw disable

To reset UFW to factory defaults (this removes all rules and disables the firewall):

sudo ufw reset

Setting Default Policies

Default policies determine what happens to traffic that does not match any specific rule. The recommended security configuration is to deny all incoming traffic and allow all outgoing:

sudo ufw default deny incoming
sudo ufw default allow outgoing

This means:

  • Incoming traffic is blocked unless you create a rule to allow it
  • Outgoing traffic is allowed so your applications can reach the internet

Allowing and Denying Traffic

Allow by Service Name

UFW knows common services by name:

sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https

Allow by Port Number

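sudo ufw allow 8080
sudo ufw allow 3306/tcp

A rule without a protocol suffix (8080) applies to both TCP and UDP. Adding /tcp or /udp limits it to that protocol.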

Allow a Port Range

sudo ufw allow 6000:6007/tcp

Allow from a Specific IP

sudo ufw allow from 192.168.1.100

Allow from a Subnet to a Specific Port

sudo ufw allow from 192.168.1.0/24 to any port 22

Deny Traffic

sudo ufw deny 23
sudo ufw deny from 203.0.113.50

Deleting Rules

First, list rules with numbers:

sudo ufw status numbered

Example output:

Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 443/tcp                    ALLOW IN    Anywhere

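Delete a rule by its number. The numbers are positional and shift after each deletion, so list the rules again before deleting another: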

sudo ufw delete 2

Or delete by specifying the rule itself:

sudo ufw delete allow 80/tcp
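
The numbered listing can also be audited before deleting anything. The script below is an added example, not part of the original tutorial: it reads `ufw status numbered` output, flags ALLOW IN rules open to Anywhere on ports outside a list you intend to be public, and prints the delete commands from the highest rule number down. The function names and the sample listing are constructed for illustration, and it assumes simple port rules like the ones in this tutorial (no application-profile or per-interface rules).

```shell
#!/bin/sh
# Added example: find ALLOW IN rules open to Anywhere on ports outside an
# allowlist, and print delete commands highest-number-first.

# Constructed sample in the `ufw status numbered` format shown above.
SAMPLE_STATUS='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 443/tcp                    ALLOW IN    Anywhere
[ 4] 3306/tcp                   ALLOW IN    Anywhere
[ 5] 22                         ALLOW IN    192.168.1.0/24
[ 6] 23                         DENY IN     Anywhere
[ 7] 3306/tcp (v6)              ALLOW IN    Anywhere (v6)'

# stdin: `ufw status numbered` output; $1: comma-separated public ports.
# Prints the numbers of unexpected world-open rules, in descending order.
exposed_rules() {
  awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, ","); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /^\[ *[0-9]+\]/ {
      line = $0
      gsub(/ *\(v6\)/, "", line)   # IPv6 twins carry a "(v6)" suffix
      sub(/^\[ */, "", line)       # "[ 1]" and "[10]" both become a bare number
      sub(/\]/, " ", line)
      split(line, f)               # f[1]=num f[2]=To f[3..4]=Action f[5]=From
      port = f[2]; sub(/\/.*/, "", port)
      if (f[3] == "ALLOW" && f[4] == "IN" && f[5] == "Anywhere" && !(port in ok))
        print f[1]
    }' | sort -rn
}

# Deleting from the highest number down keeps the remaining numbers valid,
# because ufw renumbers the rules that follow a deleted one.
delete_plan() {
  exposed_rules "$1" | sed 's/^/sudo ufw delete /'
}

# Print the plan for the sample; on a real host, pipe in `sudo ufw status numbered`.
printf '%s\n' "$SAMPLE_STATUS" | delete_plan "22,80,443"
```

The script only prints the commands; review the plan, then run each line yourself.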

Summary

In this tutorial, you learned:

  • What UFW is and how to check its status
  • How to enable and disable the firewall safely
  • How to set default policies for incoming and outgoing traffic
  • How to allow and deny traffic by service, port, IP, and subnet
  • How to delete rules you no longer need

🎉
Your system is now protected!

With UFW enabled and configured, your Linux system has a solid first line of defense against unauthorized network access.