Ubuntu Firewall UFW – A Complete Guide

Filed Under: Ubuntu
Ubuntu Firewall UFW

The Ubuntu Firewall (UFW) is an extremely easy to use command-line firewall utility that interfaces with IPTables to make firewall configuration easy.

A firewall is an essential part of any network. Few things are as effective in ensuring a system’s security than a firewall that has been configured properly.

In this tutorial, we will understand how Ubuntu Firewall UFW works. Later, we will learn some important UFW commands which are essential for all Linux users.

Installing Ubuntu Firewall UFW

The Ubuntu firewall ufw comes as a default installation on Ubuntu distributions. However, if it is not present for some reason, install it using the following command.

sudo apt install ufw

Basics of UFW

UFW or Uncomplicated Firewall is the default Ubuntu Firewall manager. As the name suggests, it is an uncomplicated firewall configuration tool for people who are unfamiliar with firewall concepts.

Ubuntu firewall UFW makes things easier for users as working with iptables can be tough for many beginners and so, UFW acts as an easy to use interface.

With its IPv4 and IPv6 support, UFW provides users with a simple yet powerful tool to configure their firewall. 

Understanding the Ubuntu Firewall UFW

One thing that people often assume is that UFW is the Ubuntu Firewall. The truth, however, is that UFW is not a firewall. It is a tool that allows you to manage and configure your firewall.

It does so by setting up and modifying iptables for you. All you need to do is to run the desired commands through the UFW interface.

The commands for UFW are user friendly and easy to remember, even for beginners. This is another reason why UFW is a much-loved tool among Ubuntu users.

It helps you set up your firewall without risking your system security, even if you don’t have detailed knowledge of iptables. 

Let us explore the most basic UFW commands to interact with our Ubuntu firewall.

Enabling/Disabling UFW

To use your firewall, you need to enable it on your system using the ufw command. Typing the following command in your terminal will enable the firewall on your system.

sudo ufw enable

The firewall can be disabled in a similar manner using the following command.

sudo ufw disable

Checking Ubuntu Firewall UFW status

It is important to be able to know the status of your firewall for security reasons. This can be done through the following ufw command.

sudo ufw status
Ufw Status
Ufw Status

As you can see in the screenshot above, you will see a list of services along with the port that they are allowed through.

Modifying the Ubuntu Firewall

In the previous section, we learnt how to do basic interaction with our firewall. Now, we will discuss some commands which can be used to modify our firewall settings. The UFW commands can be used to configure our Ubuntu Firewall.

Allowing a service through Firewall

The first UFW command we will discuss will be used to allow service through our firewall. Let us allow ssh connections through our firewall. This will allow our Ubuntu-based system to allow incoming ssh connections. Run the below command.

sudo ufw allow ssh

Note that you can replace the service name with a port number to allow communications through that port. To enable HTTP communication (which is at port 80) through the firewall, we can use this command. 

sudo ufw allow 80
Ufw Allow Ports
Ufw Allow Ports

Denying a service through Firewall

Like allowing services through the firewall is essential for communication, denying services is required to prevent unwanted access for an external source to contact to your system.

Let us use port 80 again for this example. A port can be denied as follows.

sudo ufw deny 80
Ufw Deny
Ufw Deny

Note that just like the previous example, the port number can be replaced by the name of a service based on our requirements.

Allowing a port range through Firewall

Some applications use more than just a single port. This means that you need to have multiple active ports in such instances.

Hence we will open the port range from 30000 to 31000 to listen for passive FTP connections. This can be done using the following command.

sudo ufw allow 30000:31000/tcp
Ufw Allow Range 1
Ufw Allow Range

Deleting a Firewall rule

Sometimes you have an issue with a rule, or you just no longer need it. In this case, we can delete a rule. To delete a rule using UFW, you can use the following commands. In the first method, we use the status command in a numbered format. Then we delete the rule by specifying it’s number. This can be done as shown below.

sudo ufw status numbered
sudo ufw delete <number>
Ufw Delete Rules Ubuntu Firewall UFW
Ufw Delete Rules

Resetting Firewall configurations

If you wish to get your firewall to its original configuration, deleting each rule individually is a tiring task. Hence, it is better to reset the Ubuntu Firewall. To reset your Firewall, enter the command in your terminal as shown below.

sudo ufw reset
Ufw Reset Rules
Ufw Reset Rules

As you can see in the above screenshot, the rules are backed up and then deleted.


UFW is one of the most essential Ubuntu tools. It massively decreases the complexity of setting up the Ubuntu firewall. The commands are easy to remember and simple to execute.

The user-friendly interface helps users easily make their configurations without having to delve into the complexities of iptables. 

This tutorial aimed to help you understand the Ubuntu Firewall and learn the commands to set up your firewall configurations. There are more commands which can allow you to allow specific addresses, or a subnet, to your system.

Make sure to explore them to learn more. If you have any feedback, queries, or suggestions, feel free to reach out to us in the comments below.

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors