How to use UFW
Common commands for UFW
Environment: Ubuntu Server environment.
UFW is the firewall that is packaged with Ubuntu. Instead of using iptables to manage the rules, UFW is called. Here are some common UFW commands:
Checking the current ruleset
#sudo ufw status verbose
Blocking an IP Address
#sudo ufw deny from 18.104.22.168
Blocking connections from a specific IP address, or to a specific network interface
#sudo ufw deny in on eth0 from 22.214.171.124
Allow SSH or anything else
#sudo ufw allow ssh OR
#sudo ufw allow 22
Allow Incoming SSH from Specific IP Address or Subnet
#sudo ufw allow from 126.96.36.199/24 to any port 22
Allow incoming http over 80 and 443
#sudo ufw allow proto tcp from any to any port 80,443
When allowing multiple ports like this, you need to specify the protocol that will be used. Here you can see the "proto" argument followed by "tcp"
Allow a service to Specific Network Interface
To allow any service, MySQL in this example, connections to a specific network interface, use the following syntax:
#sudo ufw allow in on eth1 to any port 3306
Change the port as needed for a different service.
Blocking any port from outbound communication
#sudo ufw deny out 25
Change the port to suit your needs
Deleting a rule
#sudo ufw delete allow ssh OR
#sudo ufw delete deny out 25
Be sure to restart after changing/ making rules so that they take effect.
#sudo ufw disable
#sudo ufw enable
You can see all ports and their service names in the file "/etc/services".