= Ufw =

'''`ufw(8)`''' ('''U'''ncomplicated '''F'''ire'''w'''all) is a firewall management program. It is a wrapper around `iptables(8)`.

<<TableOfContents>>

----



== Installation ==

Several [[Linux]] distributions offer a `ufw` package. Then [[Linux/Systemd|start and enable]] ufw.service.

----



== Configuration ==

A basic rule set is:

{{{
ufw default deny incoming
ufw default allow outgoing
ufw allow 22
}}}

`ufw(8)` is distributed with '''app profiles''' that simplify the configuration process. Instead of allowing ''ports'', consider allowing ''apps''.

{{{
ufw allow ssh
}}}



=== Web Servers ===

The following rules should allow any web server to operate.

{{{
ufw allow http
ufw allow https
}}}

Additional steps may be required if using [[Encryption/Certbot|certbot]] on a custom port.



=== FTP ===

{{{
ufw allow 20/tcp
ufw allow 21/tcp
ufw allow 989/tcp
ufw allow 990/tcp
}}}

Passive configuration also utilizes a pool of ports. Recommended to use custom ports, so adjust as needed.

{{{
ufw allow 40000:42000/tcp
}}}

----



== See also ==

[[https://man.archlinux.org/man/ufw.8|ufw(8)]]



----
CategoryRicottone