Welcome to FreeSoftwareServers Confluence Wiki

UFW (Uncomplicated Firewall) comes pre-installed on Ubuntu 14, but many are moving to firewalld and iptables; I will update this page as I migrate as well.

The syntax of UFW is:

Ports:

sudo ufw allow #/tcp && sudo ufw allow #/udp OR sudo ufw delete allow #/tcp && sudo ufw delete allow #/udp

Networks:

sudo ufw allow from 192.168.1.0/24 OR sudo ufw delete allow from 192.168.1.0/24

To ENABLE:

sudo ufw enable && sudo ufw default deny incoming && sudo ufw default allow outgoing

To Check Rules:

sudo ufw status

Start/Stop/Restart:

sudo service ufw {start/stop/restart}

List of Ports With Commands!

20=FTP		- Data
sudo ufw allow 20/tcp && sudo ufw allow 20/udp       
sudo ufw delete allow 20/tcp && sudo ufw delete allow 20/udp

21=FTP		- Control
sudo ufw allow 21/tcp && sudo ufw allow 21/udp
sudo ufw delete allow 21/tcp && sudo ufw delete allow 21/udp

22=SSH
sudo ufw allow 22/tcp && sudo ufw allow 22/udp
sudo ufw delete allow 22/tcp && sudo ufw delete allow 22/udp

23=TelNet
sudo ufw allow 23/tcp && sudo ufw allow 23/udp
sudo ufw delete allow 23/tcp && sudo ufw delete allow 23/udp

25=SMTP	
sudo ufw allow 25/tcp && sudo ufw allow 25/udp
sudo ufw delete allow 25/tcp && sudo ufw delete allow 25/udp

53=DNS	
sudo ufw allow 53/tcp && sudo ufw allow 53/udp
sudo ufw delete allow 53/tcp && sudo ufw delete allow 53/udp

69=TFTP	
sudo ufw allow 69/tcp && sudo ufw allow 69/udp
sudo ufw delete allow 69/tcp && sudo ufw delete allow 69/udp

80=HTTP	
sudo ufw allow 80/tcp && sudo ufw allow 80/udp
sudo ufw delete allow 80/tcp && sudo ufw delete allow 80/udp

110=POP3
sudo ufw allow 110/tcp && sudo ufw allow 110/udp
sudo ufw delete allow 110/tcp && sudo ufw delete allow 110/udp

111=NFS
sudo ufw allow 111/tcp && sudo ufw allow 111/udp
sudo ufw delete allow 111/tcp && sudo ufw delete allow 111/udp
 
123=NTP
sudo ufw allow 123/tcp && sudo ufw allow 123/udp
sudo ufw delete allow 123/tcp && sudo ufw delete allow 123/udp

143=IMAP
sudo ufw allow 143/tcp && sudo ufw allow 143/udp
sudo ufw delete allow 143/tcp && sudo ufw delete allow 143/udp

443=HTTPS
sudo ufw allow 443/tcp && sudo ufw allow 443/udp
sudo ufw delete allow 443/tcp && sudo ufw delete allow 443/udp

445=CIFS/SAMBA/SMB
sudo ufw allow 445/tcp && sudo ufw allow 445/udp
sudo ufw delete allow 445/tcp && sudo ufw delete allow 445/udp

465=SMTPS 	- SMTP over SSL
sudo ufw allow 465/tcp && sudo ufw allow 465/udp
sudo ufw delete allow 465/tcp && sudo ufw delete allow 465/udp

587=SMTP
sudo ufw allow 587/tcp && sudo ufw allow 587/udp
sudo ufw delete allow 587/tcp && sudo ufw delete allow 587/udp

993=IMAP(S) 	- Secure 
sudo ufw allow 993/tcp && sudo ufw allow 993/udp
sudo ufw delete allow 993/tcp && sudo ufw delete allow 993/udp

995=POP3(S) 	- Secure
sudo ufw allow 995/tcp && sudo ufw allow 995/udp
sudo ufw delete allow 995/tcp && sudo ufw delete allow 995/udp

1194=OpenVPN
sudo ufw allow 1194/tcp && sudo ufw allow 1194/udp
sudo ufw delete allow 1194/tcp && sudo ufw delete allow 1194/udp

1984=XYMon
sudo ufw allow 1984/tcp && sudo ufw allow 1984/udp
sudo ufw delete allow 1984/tcp && sudo ufw delete allow 1984/udp

2049=NFS
sudo ufw allow 2049/tcp && sudo ufw allow 2049/udp
sudo ufw delete allow 2049/tcp && sudo ufw delete allow 2049/udp

8112=Deluge  	- WebUI
sudo ufw allow 8112/tcp && sudo ufw allow 8112/udp
sudo ufw delete allow 8112/tcp && sudo ufw delete allow 8112/udp

32400=PleX      - WebUI	
sudo ufw allow 32400/tcp && sudo ufw allow 32400/udp
sudo ufw delete allow 32400/tcp && sudo ufw delete allow 32400/udp

58846=Deluge 	- Daemon
sudo ufw allow 58846/tcp && sudo ufw allow 58846/udp
sudo ufw delete allow 58846/tcp && sudo ufw delete allow 58846/udp
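
The commands in this list open both TCP and UDP for every port, although most of these services use only one of the two. As an added example (not part of the original page), the script below reads the output of sudo ufw status and reports rules that open a protocol the service does not normally use. The TCP-only and UDP-only port lists and the sample status text are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: audit `ufw status` output for
# rules that open a protocol the service does not normally use.
# Assumption: these lists reflect each service's usual default transport;
# edit them to match what actually listens on the host.
TCP_ONLY="20 21 22 23 25 80 110 143 465 587 993 995"
UDP_ONLY="69 123"

# Reads `ufw status` text on stdin, prints one finding per line.
audit_ufw_status() {
    awk -v tcp_only="$TCP_ONLY" -v udp_only="$UDP_ONLY" '
    BEGIN {
        n = split(tcp_only, a, " "); for (i = 1; i <= n; i++) want[a[i]] = "tcp"
        n = split(udp_only, a, " "); for (i = 1; i <= n; i++) want[a[i]] = "udp"
    }
    # Rule lines look like "22/udp  ALLOW  Anywhere", optionally tagged (v6).
    $1 ~ /^[0-9]+(\/(tcp|udp))?$/ && /ALLOW/ {
        split($1, pp, "/"); port = pp[1]; proto = pp[2]
        if (!(port in want)) next      # ports using both protocols, or unknown
        rule = $1 (($2 == "(v6)") ? " (v6)" : "")
        if (proto == "")
            print rule " opens tcp+udp; service normally uses " want[port] " only"
        else if (proto != want[port])
            print rule " unused protocol; service normally uses " want[port] " only"
    }'
}

# Constructed sample in the layout that `sudo ufw status` prints.
sample_status() {
cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
22/udp                     ALLOW       Anywhere
53/udp                     ALLOW       Anywhere
123/tcp                    ALLOW       Anywhere
80                         ALLOW       Anywhere
Anywhere                   ALLOW       192.168.1.0/24
22/udp (v6)                ALLOW       Anywhere (v6)
EOF
}

# Live use: sudo ufw status | audit_ufw_status
sample_status | audit_ufw_status
```

Each reported rule can be removed with the matching delete command from the list above, for example the /udp half of the SSH pair.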

 

Networks:

192.168.1.0/24
sudo ufw allow from 192.168.1.0/24
sudo ufw delete allow from 192.168.1.0/24

10.8.0.0/24
sudo ufw allow from 10.8.0.0/24
sudo ufw delete allow from 10.8.0.0/24

One-liner to enable UFW while allowing the 192.168.1.0 and 10.8.0.0 networks and port 22 (SSH):

Ubuntu:

sudo ufw allow 22/tcp && echo y | sudo ufw enable && sudo ufw default deny incoming && sudo ufw default allow outgoing && sudo ufw allow from 192.168.1.0/24 && sudo ufw allow from 10.8.0.0/24

CentOS:

sudo ufw allow 22/tcp && sudo ufw allow from 192.168.1.0/24 && sudo ufw allow from 10.8.0.0/24