UFW: List and Delete Firewall Rules Easily


UFW (Uncomplicated Firewall) is a user-friendly frontend for managing iptables firewall rules. It is the default firewall configuration tool for Ubuntu and is also available for other popular Linux distributions such as Arch Linux and Debian. UFW provides a straightforward command-line interface that enhances system security by filtering network traffic and preventing unauthorized access.

Thanks to its integration with Ubuntu’s system firewall infrastructure, UFW operates reliably while maintaining compatibility with system-level operations.

In this tutorial, we will explore how to list and delete UFW firewall rules effectively. Additionally, we’ll address some frequently asked questions about UFW to provide a comprehensive understanding of its functionality.


Advantages of UFW

  1. Simplicity: UFW offers an accessible interface for users of all technical skill levels, making firewall management straightforward.
  2. Security: By effectively filtering network traffic, UFW prevents unauthorized access to your computer or network, enhancing overall system security.
  3. Integration: Built on top of iptables, UFW seamlessly integrates with Ubuntu’s system firewall, ensuring reliable operation and compatibility.
  4. Flexibility: UFW allows users to create inbound and outbound rules, providing detailed control over network traffic and enabling customization for specific requirements.
  5. Logging: UFW makes it easy to enable logging, which is useful for troubleshooting or monitoring firewall activities for security purposes.

Prerequisites

  • You must have sudo privileges to execute UFW commands.

Step 1: Listing UFW Rules

One of the most common tasks in firewall management is listing rules. To check the status of UFW and view all rules, use the following command:

sudo ufw status

Output:

If UFW is disabled, you’ll see the following:

Status: inactive

If UFW is enabled, the output will display all active firewall rules:

Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere          
22/tcp (v6)                ALLOW       Anywhere (v6)

For more detailed information, use the status verbose command:

sudo ufw status verbose

Output:

This will provide information about logging, default policies, and new profiles:

Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere          
22/tcp (v6)                ALLOW       Anywhere (v6)

To see numbered rules, use the status numbered command. This is particularly useful when adding or deleting specific rules:

sudo ufw status numbered

Example Output:

Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 443/tcp                    ALLOW IN    Anywhere
[ 4] 8069/tcp                   ALLOW IN    Anywhere

Step 2: Deleting UFW Rules

There are two primary methods to delete UFW rules:

  1. By rule number
  2. By specification

⚠️ Note: Always ensure you are deleting the correct firewall rule to avoid accidentally blocking essential services like SSH (default port 22).


Step 3: Deleting Rules by Rule Number

Start by listing all rules and identifying the rule number of the rule you want to delete:

sudo ufw status numbered

Use the following command to delete a rule by its number:

sudo ufw delete [rule_number]

Example:

To delete rule number 4:

sudo ufw delete 4

You will be prompted for confirmation:

Deleting:
 allow 8069/tcp
Proceed with operation (y|n)? y

Press y and hit Enter. The rule will be deleted:

Rule deleted

⚠️ Important: The rule numbers will shift after each deletion, so always verify the list before proceeding with further deletions.


Step 4: Deleting Rules by Specification

An alternative method is to delete rules using their specifications. For example, if you previously allowed traffic on port 2222:

sudo ufw allow 2222

You can delete this rule by specifying it directly:

sudo ufw delete allow 2222

Step 5: Resetting UFW

If you need to disable UFW and delete all active rules, use the reset command:

sudo ufw reset

This will deactivate UFW and restore it to its default configuration, removing all rules in the process.


Frequently Asked Questions

1. What is the UFW rate limit?

By default, UFW limits SSH connections from a single IP address to six attempts within 30 seconds to prevent brute-force attacks.


2. Can I delete multiple firewall rules at once?

Unfortunately, UFW doesn’t provide a native option to delete multiple rules simultaneously. Each rule must be deleted individually.
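The renumbering caveat from Step 3 also gives a safe way to script several deletions: work from the highest rule number down, so the numbers still to be deleted stay valid. The sketch below is an added example, not part of the original tutorial; the function names rules_matching and plan_deletes are hypothetical, the sample listing is the one shown in Step 1, and the script only prints the commands it would run. It assumes ufw's --force option to skip the confirmation prompt.

```shell
#!/bin/sh
# Added example: plan the deletion of several UFW rules by number.

# Constructed sample: the `ufw status numbered` listing from Step 1.
SAMPLE_STATUS='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 443/tcp                    ALLOW IN    Anywhere
[ 4] 8069/tcp                   ALLOW IN    Anywhere'

# rules_matching TARGET...
# Reads a numbered listing on stdin and prints the numbers of the rules whose
# "To" column starts with one of the targets, highest number first.
# A "(v6)" twin such as "80/tcp (v6)" matches the same target.
rules_matching() {
    sed -n 's/^\[ *\([0-9][0-9]*\)] *\([^ ]*\).*/\1 \2/p' |
    while read -r num to; do
        for target in "$@"; do
            if [ "$to" = "$target" ]; then echo "$num"; fi
        done
    done | sort -rnu
}

# plan_deletes TARGET...
# Prints one delete command per matching rule, in descending order: deleting
# rule N only renumbers the rules above N, so lower numbers remain correct.
# Refuses the default SSH rule as it appears in the listing (22/tcp).
plan_deletes() {
    for target in "$@"; do
        if [ "$target" = "22/tcp" ]; then
            echo "refusing to plan deletion of SSH rule 22/tcp" >&2
            return 1
        fi
    done
    rules_matching "$@" | while read -r num; do
        echo "ufw --force delete $num"
    done
}

# Dry run against the constructed sample; nothing is changed on the system.
printf '%s\n' "$SAMPLE_STATUS" | plan_deletes 80/tcp 8069/tcp
```

On a live system, pipe real output in with sudo ufw status numbered | plan_deletes 80/tcp 8069/tcp, review the printed commands, and run them with sudo only once they match what you intend to remove.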


3. How can I delete all UFW firewall rules at once?

You can reset UFW using the sudo ufw reset command to delete all rules and return to the default configuration.


4. How do I view UFW firewall rules without numbering them?

Use the sudo ufw status command to see a list of firewall rules without numbers.


5. How can I check specific details of a firewall rule, such as the associated ports or IP addresses?

You can view the details of a rule using the sudo ufw show [rule_number] command, which displays its configuration.


6. Is it possible to list UFW rules showing resolved IP addresses instead of just port numbers?

Yes, you can use the sudo ufw show resolv command to display rules with resolved IP addresses.


7. How can I delete all inactive UFW rules?

Run the following command to remove all inactive rules, retaining only the active ones:

sudo ufw delete inactive

Conclusion

We hope this detailed guide has helped you understand how to list and delete UFW firewall rules. UFW simplifies firewall management, making it accessible for users of all levels while maintaining robust security features.

If you have any questions or doubts, please feel free to share them in the comments section below. We’ll be happy to assist!
