
@zicodhkbd
Created November 1, 2019 18:11
UFW or Uncomplicated Firewall
#!/bin/sh
UFW, or Uncomplicated Firewall, is a program for managing a netfilter firewall that is designed to be easy to use. It uses a command-line interface consisting of a small number of simple commands, and uses iptables for configuration. Ubuntu 8.04 comes with ufw, a program for managing the iptables firewall easily.
To check the status of UFW:
sudo ufw status
To turn UFW on with the default set of rules:
sudo ufw enable
{ note
If you’re using a cloud or virtual server, you need to allow incoming SSH connections so you can connect to and manage your server. To configure your server to allow incoming SSH connections, you can use this command:
sudo ufw allow ssh
An alternative syntax is to specify the port number of the SSH service:
sudo ufw allow 22
}
To disable ufw use:
sudo ufw disable
To allow specific ports on ufw:
sudo ufw allow <port>/<optional: protocol>
example: To allow incoming tcp and udp packets on port 53
sudo ufw allow 53
example: To allow incoming tcp packets on port 53
sudo ufw allow 53/tcp
example: To allow incoming udp packets on port 53
sudo ufw allow 53/udp
To deny specific ports on ufw:
sudo ufw deny <port>/<optional: protocol>
example: To deny incoming tcp and udp packets on port 53
sudo ufw deny 53
example: To deny incoming tcp packets on port 53
sudo ufw deny 53/tcp
example: To deny incoming udp packets on port 53
sudo ufw deny 53/udp
To delete an existing rule
For example, if the original rule was:
ufw deny 80/tcp
Use this to delete it:
sudo ufw delete deny 80/tcp
You can also allow or deny by service name, since ufw reads from /etc/services. To see a list of services:
less /etc/services
Allow by Service Name
sudo ufw allow <service name>
example: to allow ssh by name
sudo ufw allow ssh
Deny by Service Name
sudo ufw deny <service name>
example: to deny ssh by name
sudo ufw deny ssh
Allow by Specific IP
sudo ufw allow from <ip address>
example: To allow packets from 207.46.232.182:
sudo ufw allow from 207.46.232.182
Allow by Subnet
You may use a net mask:
sudo ufw allow from 192.168.1.0/24
Allow by specific port and IP address
sudo ufw allow from <target> to <destination> port <port number>
example: allow IP address 192.168.0.4 access to port 22 for all protocols
sudo ufw allow from 192.168.0.4 to any port 22
Allow by specific port, IP address and protocol
sudo ufw allow from <target> to <destination> port <port number> proto <protocol name>
example: allow IP address 192.168.0.4 access to port 22 using TCP
sudo ufw allow from 192.168.0.4 to any port 22 proto tcp
Deny by specific IP
sudo ufw deny from <ip address>
example: To block packets from 207.46.232.182:
sudo ufw deny from 207.46.232.182
Deny by specific port and IP address
sudo ufw deny from <ip address> to <destination> port <port number>
example: deny IP address 192.168.0.1 access to port 22 for all protocols
sudo ufw deny from 192.168.0.1 to any port 22
You may use status numbered to show the order and id number of rules:
sudo ufw status numbered
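The commands above are usually applied one at a time by hand. The script below is an added example, not part of the original gist, that strings them together into a small lock-out-safe baseline: it validates the port and protocol before building each rule, puts the SSH allow rule in before `ufw enable` (so a remote session is not cut off when the default policy starts dropping incoming traffic), and has a `DRY_RUN=1` mode that prints every `sudo ufw ...` command instead of running it, so the result can be reviewed before it touches a live firewall. `MGMT_NET` (the management subnet allowed to reach SSH) is a constructed sample value; the `default deny incoming` / `default allow outgoing` lines are ufw's standard policy commands and are not shown in the notes above.

```shell
#!/bin/sh
# Added example (not from the original gist): a minimal ufw baseline built
# from the allow/deny/enable/status commands covered above, with input checks.
# MGMT_NET is a constructed sample subnet; DRY_RUN=1 prints instead of running.

MGMT_NET="${MGMT_NET:-192.168.1.0/24}"
DRY_RUN="${DRY_RUN:-0}"

# run_ufw: print the ufw command in dry-run mode, otherwise execute it.
run_ufw() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "sudo ufw $*"
    else
        sudo ufw "$@"
    fi
}

# valid_port: accept only integers 1..65535, so a typo cannot leave the
# firewall half-configured when ufw rejects the rule part-way through.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# valid_proto: the rules on this page use tcp, udp, or no protocol (= both).
valid_proto() {
    case "$1" in
        ''|tcp|udp) return 0 ;;
        *) return 1 ;;
    esac
}

# allow_port PORT [PROTO]: emits `ufw allow <port>[/<proto>]`.
allow_port() {
    port="$1"; proto="$2"
    valid_port "$port"   || { echo "bad port: $port" >&2; return 1; }
    valid_proto "$proto" || { echo "bad proto: $proto" >&2; return 1; }
    if [ -n "$proto" ]; then
        run_ufw allow "$port/$proto"
    else
        run_ufw allow "$port"
    fi
}

# allow_from_port SRC PORT [PROTO]: emits
# `ufw allow from <src> to any port <port> [proto <proto>]`.
allow_from_port() {
    src="$1"; port="$2"; proto="$3"
    valid_port "$port"   || { echo "bad port: $port" >&2; return 1; }
    valid_proto "$proto" || { echo "bad proto: $proto" >&2; return 1; }
    if [ -n "$proto" ]; then
        run_ufw allow from "$src" to any port "$port" proto "$proto"
    else
        run_ufw allow from "$src" to any port "$port"
    fi
}

# baseline: order matters. The SSH rule from the management subnet is added
# BEFORE `ufw enable`; with the default policy denying incoming traffic,
# enabling first would drop the session you are administering from.
baseline() {
    run_ufw default deny incoming
    run_ufw default allow outgoing
    allow_from_port "$MGMT_NET" 22 tcp || return 1   # SSH, management net only
    allow_port 53 || return 1                        # DNS, tcp and udp
    run_ufw deny 23/tcp                              # telnet: deny explicitly
    run_ufw enable
    run_ufw status numbered                          # show the resulting order
}

# Only apply when asked to, so sourcing or reviewing the file is harmless:
#   DRY_RUN=1 sh baseline.sh apply   (print the commands)
#   sh baseline.sh apply             (run them)
if [ "${1:-}" = "apply" ]; then
    baseline
fi
```

Run it once with `DRY_RUN=1` and compare the printed commands with `sudo ufw status numbered` after the real run; the numbered output is also where a misordered or stray rule shows up, and the `delete` syntax above removes it.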