
...

```bash
sudo apt-get install ufw # install the firewall software
```

Now, if you are not working on a console but over remote SSH, issuing the commands chained together on one line, as shown, should ensure that you can still SSH back into your system: if you do end up getting disconnected, you should still be able to get back in.

...

Once installed, UFW does not start automatically. First, open the ports that are necessary for administering the system:

```bash
# allows ssh traffic in one step
sudo ufw allow 22
```

Note

Note to self: consider modifying the command to run as a background process.

Additionally, open any other ports that you require. For this tutorial they are:

...

Before starting UFW, make sure port 22 is open. You can check by running the allow 22 command again; if the rule is already present, it should output:

```bash
sudo ufw allow 22
"Skipping adding existing rule"
```

After you have confirmed that port 22 is open, you can go ahead and enable UFW.

...

```
sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip

To                         Action      From
--                         ------      ----
22                         ALLOW IN    Anywhere
80                         ALLOW IN    Anywhere
443                        ALLOW IN    Anywhere
```
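The whole procedure above (allow SSH first, add the service ports, confirm the SSH rule by re-issuing it, enable, then verify with status verbose) as one added shell example; this is not code from the original page. The ufw invocations are standard ufw syntax, but UFW_CMD, ADMIN_PORT, SERVICE_PORTS and the function names are assumptions introduced here, and ports 80 and 443 are the constructed sample taken from the status output shown above. The point it adds is the lock-out guard: the firewall is only enabled after the admin-port rule is confirmed, and the post-enable status is parsed rather than eyeballed.

```shell
#!/bin/sh
# Added example, not from the original page: bring UFW up over a remote SSH
# session in the tutorial's order, refusing to enable the firewall unless the
# SSH port rule is confirmed present. UFW_CMD, ADMIN_PORT and SERVICE_PORTS
# are assumed names; 80 and 443 are a constructed sample (web ports).
set -eu

UFW_CMD=${UFW_CMD:-"sudo ufw"}            # override (e.g. with a stub) for dry runs
ADMIN_PORT=${ADMIN_PORT:-22}              # the port you administer the box through
SERVICE_PORTS=${SERVICE_PORTS:-"80 443"}  # constructed sample: web ports

# Add an allow rule; idempotent because ufw skips rules it already has.
add_allow() {
    $UFW_CMD allow "$1"
}

# Confirm a rule exists by re-issuing it, as the tutorial does: ufw answers
# "Skipping adding existing rule" for a rule that is already present.
rule_confirmed() {
    out=$($UFW_CMD allow "$1" 2>&1)
    case "$out" in
        *"Skipping adding existing rule"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Enable only after the admin port is confirmed. --force skips ufw's
# "may disrupt existing ssh connections" prompt so this runs non-interactively.
safe_enable() {
    if ! rule_confirmed "$ADMIN_PORT"; then
        echo "refusing to enable: no allow rule for port $ADMIN_PORT" >&2
        return 1
    fi
    $UFW_CMD --force enable
}

# Parse 'ufw status verbose' text ($1) and return 0 only if the firewall is
# active, defaults to deny incoming, and lists an ALLOW IN rule for port $2.
status_ok() {
    echo "$1" | grep -q '^Status: active' || return 1
    echo "$1" | grep -q '^Default: deny (incoming)' || return 1
    echo "$1" | grep -Eq "^$2[[:space:]]+ALLOW IN" || return 1
    return 0
}

main() {
    add_allow "$ADMIN_PORT"                 # SSH first, before anything else
    for p in $SERVICE_PORTS; do add_allow "$p"; done
    safe_enable
    status=$($UFW_CMD status verbose)
    if ! status_ok "$status" "$ADMIN_PORT"; then
        echo "post-enable check failed:" >&2
        echo "$status" >&2
        return 1
    fi
    echo "$status"
}

# Runs only when invoked as 'sh ufw-bringup.sh --run'; sourcing the file just
# defines the functions so the checks can be exercised against a stub first.
if [ "${1:-}" = "--run" ]; then
    main
fi
```

Because the functions read UFW_CMD at call time, pointing it at a stub function that mimics ufw's "Skipping adding existing rule" and status output lets you rehearse the guard without touching a real host; the same script then runs unchanged with the default `sudo ufw`.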

...

Info
UFW status verbose

...

will not work if UFW is not enabled.

There is much more to UFW, but the above steps should get you going.

...

```bash
sudo ufw deny 443 # Blocks the port but leaves the entry in the status (ufw updates the existing rule in place). Useful for a port you turn on and off sometimes.
sudo ufw delete allow 443 # Actually deletes the firewall rule entry. The rule must be given exactly as it currently exists, so this only works while the port is allowed; after the deny above use: sudo ufw delete deny 443
```

Article Improvements

Warning

This article can be improved in the following areas.

How can I put comments in the firewall rules and have them show up in the ufw status? Using applications.d. Will add details from here: http://manpages.ubuntu.com/manpages/jaunty/en/man8/ufw.8.html

Do you really need to enable the port to delete it? That was the only way the command worked for us, but then again we might have to use a different syntax for deleting a disabled port.

References

https://help.ubuntu.com/9.10/serverguide/C/firewall.html - official docs from Ubuntu.