9/8/2017 - 11:01 AM

UFW Cheatsheet


ufw [--dry-run] enable|disable|reload
ufw [--dry-run] default allow|deny|reject [incoming|outgoing]
ufw [--dry-run] logging on|off|LEVEL
    Toggle logging. Logged packets use the LOG_KERN syslog facility. Systems configured for rsyslog
    support may also log to /var/log/ufw.log. Specifying a LEVEL turns logging on for the specified LEVEL.
    The default log level is 'low'.
ufw [--dry-run] reset
ufw [--dry-run] status [verbose|numbered]
ufw [--dry-run] show REPORT
ufw [--dry-run] [delete] [insert NUM] allow|deny|reject|limit [in|out] [log|log-all] PORT[/protocol]
ufw [--dry-run] [delete] [insert NUM] allow|deny|reject|limit [in|out on INTERFACE] [log|log-all]
    [proto protocol] [from ADDRESS [port PORT]] [to ADDRESS [port PORT]]
ufw [--dry-run] delete NUM
ufw [--dry-run] app list|info|default|update


ufw allow ssh|22
ufw allow proto tcp to <address> port 22
ufw allow from <address> to any port 22

ufw deny from <address>
ufw deny in on eth0 from <address>
ufw allow proto tcp from any to any port 80,443
ufw deny out 25
ufw status numbered
ufw delete <rule_number>
ufw insert 1 <your_rule>
ufw status verbose
ufw status numbered verbose
ufw app list
ufw allow in on eth0 log from any to any app SSH-22022
ufw [delete] allow in proto udp from <address> to <address> port 123