
ufw

`ufw` is a simple firewall tool used to set and manage firewall rules on Linux systems. It can easily block unnecessary inbound and outbound traffic, thereby improving system security.

  • Enable firewall
  • Disable firewall
  • Allow a port or application through the firewall
  • Deny a port or application through the firewall
  • Limit traffic for a port or application
  • Show firewall rules
  • Show firewall status
  • Reload rules
  • Reset firewall rules
  • Enable/disable logging
  • Adjust logging level

Example

  • Enable firewall: sudo ufw enable
  • Disable firewall: sudo ufw disable
  • Allow a port through the firewall: sudo ufw allow <port>/<protocol>
  • Deny a port through the firewall: sudo ufw deny <port>/<protocol>
  • Allow an application through the firewall: sudo ufw allow <app_name>
  • Deny an application through the firewall: sudo ufw deny <app_name>
  • Show firewall rules: sudo ufw show
  • Show firewall status: sudo ufw status
  • Limit traffic to a port: sudo ufw limit <port>/<protocol>
  • Limit the connection rate for TCP port 22 (SSH) to a maximum of 3 connection requests per second: sudo ufw limit 22/tcp
  • Reset the firewall rules to their default state, removing all custom rules that have been added, including limit, allow, and deny rules: sudo ufw reset

Note that executing ufw reset is a potentially risky operation, as it will clear all rules you may have configured. Before executing this command, make sure you understand your current rule set and back up any important rules in case you need to add them back.
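The commands above are usually applied together as a baseline: default-deny inbound, rate-limit the administrative port, allow only the services the host actually serves, turn logging on, then enable. The script below is an added example, not part of the original page or of the ufw project; the function names (validate_port_proto, baseline_rules, apply_baseline) and the APPLY environment variable are this example's own. It uses the allow/limit form shown in the Example list, validates each port/protocol spec before emitting anything (so a typo such as 22/tpc or a port above 65535 is rejected instead of silently leaving a service unprotected), and only executes the commands when APPLY=1 is set and ufw is installed; otherwise it prints them for review.

```shell
#!/bin/sh
# Added example: build a default-deny ufw baseline from validated specs.
# Function names and the APPLY variable are this example's own assumptions.

# Return 0 when $1 looks like <port>/<proto> or <low>:<high>/<proto> with
# ports in 1..65535, low <= high and proto tcp or udp; return 1 otherwise.
validate_port_proto() {
    spec=$1
    ports=${spec%/*}
    proto=${spec#*/}
    [ "$ports" != "$spec" ] || return 1            # no '/' present at all
    case "$proto" in tcp|udp) ;; *) return 1 ;; esac
    low=${ports%:*}                                # single port: low == high
    high=${ports#*:}
    for p in "$low" "$high"; do
        case "$p" in ''|*[!0-9]*) return 1 ;; esac  # must be decimal digits
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || return 1
    done
    [ "$low" -le "$high" ] || return 1
    return 0
}

# Print the commands for a baseline: rate-limited admin port, allowed
# services, everything else inbound dropped. Fails before printing anything
# if any spec is malformed, so a bad input never yields a half-applied set.
# Usage: baseline_rules <admin_spec> [service_spec ...]
baseline_rules() {
    admin=$1; shift
    validate_port_proto "$admin" || { echo "bad admin spec: $admin" >&2; return 1; }
    for svc in "$@"; do
        validate_port_proto "$svc" || { echo "bad service spec: $svc" >&2; return 1; }
    done
    echo "ufw default deny incoming"
    echo "ufw default allow outgoing"
    echo "ufw limit $admin"
    for svc in "$@"; do
        echo "ufw allow $svc"
    done
    echo "ufw logging on"
    echo "ufw --force enable"     # --force skips the interactive confirmation
}

# Execute the baseline only when explicitly requested; otherwise just print it.
apply_baseline() {
    if [ "${APPLY:-0}" = "1" ] && command -v ufw >/dev/null 2>&1; then
        baseline_rules "$@" | while read -r cmd; do
            sudo $cmd || exit 1                    # stop at the first failing rule
        done
    else
        baseline_rules "$@"
    fi
}

# Stand-alone run: a web server reachable on 80/443 with rate-limited SSH.
apply_baseline 22/tcp 80/tcp 443/tcp
```

Run it once without APPLY to review the printed commands, confirm that the admin port is the one you are connected through, and only then run `APPLY=1 sh baseline.sh` from a session that will not be cut off when the default policy flips to deny.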

Adding Rules

The add command is used to add custom rules to the firewall rules list. The general format of the ufw add command is sudo ufw add [rule_definition], where [rule_definition] is the rule definition you want to add, including the specific settings of the rule, such as the port, protocol, source address, and destination address. Examples:

  • Allow traffic to a specific port: sudo ufw add allow 22/tcp
  • Deny traffic to a specific port: sudo ufw add deny 80/tcp
  • Allow UDP traffic to the port range 10000-20000: sudo ufw add allow 10000:20000/udp

Note the following:

  • ufw rules are applied one by one in the order they are added. When traffic reaches the system, ufw matches rules one by one in the order they appear in the rule list. Once a rule is matched, subsequent rules will no longer be considered.
  • Rule additions are persistent, meaning that when the firewall service is restarted, the rules will be preserved.
  • Before adding rules, make sure you understand the settings of the rules and how they will affect your network traffic. Adding incorrect rules can cause network disruptions or security vulnerabilities.
  • The ufw status command can be used to view the current rule list and firewall status.
  • When configuring ufw rules, it is recommended to test them first to ensure that the rules work as expected before applying them to a production system.

Inserting Rules

The insert command is used to insert custom firewall rules into a specific position in the rules list. Unlike the add command, insert allows you to insert rules at a specific position in the list, rather than just adding them to the end of the list. This is useful for inserting rules at a specific position to meet specific needs.

sudo ufw insert [rule_number] <rule_definition>

rule_number is the number of the rule that you want to insert, indicating the position in the current rule list where you want to insert the rule. If you do not specify a number, the rule will be inserted at the end of the list. <rule_definition> is the rule definition you want to insert. This can be the full rule syntax, including the port, protocol, source address, and destination address, among others. Here is an example of how to use the ufw insert command:

sudo ufw insert 3 allow 8080/tcp

In this example, the command will insert a rule allowing TCP port 8080 traffic at position 3 in the current rule list.

Note the following:

  • Rule numbers start at 1 and indicate the position of the rule in the list.
  • Inserting a rule may cause the numbers of existing rules to change. After inserting a new rule, subsequent rules will be renumbered to maintain order.
  • If you do not specify a rule number, the rule will be inserted at the end of the list.
  • Before using the ufw insert command, it is recommended that you understand the current rule list and determine the exact location where you want to insert the rule. This can ensure that your rules work as expected and do not affect the order of other rules.

Delete Rules

The delete command is used to remove a specified custom rule from the firewall rules list. The general format of the ufw delete command is sudo ufw delete [rule_number], where rule_number is the number of the rule to be deleted. This number corresponds to the position of the rule in the rules list. Examples:

  • Delete a rule by rule number: sudo ufw delete 3
  • Delete the last rule: sudo ufw delete last
  • Delete all rules: sudo ufw delete all

This will delete all custom rules in the rules list and restore the firewall to its default state.

Please note the following:

  • Deleting a rule is a permanent action and once deleted, the rule cannot be recovered. Before performing a delete operation, confirm the rules you want to delete and their impact.
  • Rule numbers start at 1 and represent the position of the rule in the list.
  • Deleting a rule may affect the configuration of the firewall. Ensure that you understand the function and effect of the rule to avoid affecting normal network traffic.
  • Before deleting a rule, you can use the ufw status numbered command to view the current list of rules to select the rule to be deleted.

In summary, the ufw delete command allows you to remove a specified rule from the firewall rules list. Before deleting the rule, confirm its impact on network traffic and the system.
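Both the Inserting Rules and Delete Rules sections turn on the same detail: rule numbers come from ufw status numbered, and they shift whenever a rule is inserted or deleted. The script below is an added example, not part of the original page or of the ufw project; its functions (rule_numbers, delete_commands, insert_before_command) and the SAMPLE_STATUS text are this example's own, and the status output is constructed to look like ufw's numbered listing rather than captured from a real host. It parses the listing to find the numbers of rules matching a To value and an action, emits delete commands in descending order (deleting the highest number first means the lower numbers are still valid afterwards, which avoids the renumbering problem the notes above describe), and computes the position at which to insert a more specific rule ahead of an existing allow so that first-match ordering gives the specific rule precedence.

```shell
#!/bin/sh
# Added example: derive rule numbers from `ufw status numbered` output.
# Function names are this example's own; SAMPLE_STATUS is constructed data
# in the shape of ufw's numbered listing, not output captured from a host.

SAMPLE_STATUS=$(cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     LIMIT IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 8080/tcp                   ALLOW IN    Anywhere
[ 4] 22/tcp                     DENY IN     203.0.113.7
[ 5] 22/tcp (v6)                LIMIT IN    Anywhere (v6)
[ 6] 80/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
)

# Print the numbers of rules whose To column equals $2 (the "(v6)" suffix is
# ignored so v4 and v6 twins both match) and whose action starts with $3
# (ALLOW, DENY, LIMIT or REJECT). $1 is the status text to parse.
rule_numbers() {
    printf '%s\n' "$1" | awk -v to="$2" -v act="$3" '
        /^\[ *[0-9]+\]/ {
            n = $0; sub(/^\[ */, "", n); sub(/\].*/, "", n)   # "[ 4] ..." -> 4
            line = $0; sub(/^\[ *[0-9]+\] */, "", line)
            split(line, f, /  +/)          # columns are separated by 2+ spaces
            tofield = f[1]; sub(/ \(v6\)$/, "", tofield)
            if (tofield == to && index(f[2], act " ") == 1) print n
        }'
}

# Print "ufw delete N" lines, highest N first, so each remaining number is
# still correct after the previous deletion has renumbered the list.
delete_commands() {
    rule_numbers "$1" "$2" "$3" | sort -rn | while read -r n; do
        echo "ufw delete $n"
    done
}

# Print the insert command that places rule text $4 immediately before the
# first rule matching To=$2 and action=$3, so it is evaluated first.
insert_before_command() {
    n=$(rule_numbers "$1" "$2" "$3" | sort -n | head -n 1)
    [ -n "$n" ] || { echo "no $3 rule for $2 found" >&2; return 1; }
    echo "ufw insert $n $4"
}

# Stand-alone run against the constructed sample: remove both LIMIT rules for
# 22/tcp, and block one noisy source for port 80 ahead of the general allow.
delete_commands "$SAMPLE_STATUS" 22/tcp LIMIT
insert_before_command "$SAMPLE_STATUS" 80/tcp ALLOW \
    "deny from 203.0.113.7 to any port 80 proto tcp"
```

On a live host replace SAMPLE_STATUS with `$(sudo ufw status numbered)` and run the printed commands one at a time; re-run `ufw status numbered` after each insert, because the position you computed is only valid for the listing you computed it from.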

Other

In ufw (Uncomplicated Firewall), the insert, add, and delete commands take effect immediately and are persistent, which means that these rules will be preserved after the firewall service is restarted.