enable/disable ufw
sudo ufw enable|disable
enable at startup
sudo systemctl ufw enable
check default configuration
grep `DEFAULT_` /etc/default/ufw
change default
sudo ufw default allow outgoing
sudo ufw default deny incoming
show current rules
sudo ufw verbose numbered
show current application listening in the system
sudo ufw show listening
display live log
sudo tail -f /var/log/ufw.log
allow incoming connection: $REMOTE_IP = 192.168.0.0/24 | 192.168.1.1 $REMOTE_PORT = 3000:5000 | 3999 $LOCAL_INTERFACE = eth0 $LOCAL_PORT = 22 | 443
sudo ufw allow \
in on $LOCAL_INTERFACE \
from $REMOTE_IP[:$REMOTE_PORT] \
to any port $LOCAL_PORT
delete connection
sudo ufw status numbered
[...]
sudo ufw delete 2