UFW, Uncomplicated Firewall, is the default firewall in Ubuntu. It is designed to lesser the complexity of the iptables firewall and to make it more user friendly. A Graphical user interface of UFW, GUFW is also available for Ubuntu and Debian.
https://wiki.ubuntu.com/UncomplicatedFirewall
https://help.ubuntu.com/community/UFW
Next, some useful commands around this tool:
$ sudo apt-get install ufw $ sudo ufw status $ sudo ufw status verbose $ sudo ufw enable $ sudo ufw disable $ sudo ufw allow ssh [sudo] password for tasha: Rule added Rule added (v6) $ sudo ufw allow ssh/tcp To Action From ------ ----------- ------ 22/tcp ALLOW Anywhere 22/tcp ALLOW Anywhere (v6) $ sudo ufw deny ftp To Action From ------ ----------- ------ 21/tcp DENY Anywhere 21/tcp DENY Anywhere (v6) $ sudo ufw allow 2290:2300/tcp To Action From ------ ----------- ------ 2290:2300/tcp ALLOW Anywhere 2290:2300/tcp ALLOW Anywhere (v6) $ sudo ufw allow from 192.168.0.10 $ sudo ufw allow form 192.168.0.0/8 To Action From -- ----------- ------ Anywhere ALLOW 192.168.0.0/8 $ sudo ufw allow to any port 22 $ sudo ufw delete allow ftp $ sudo ufw delete allow 22/tcp $ sudo ufw status numbered $ sudo ufw delete 3 $ sudo ufw reset $ # 'off', 'low', 'medium', 'high' $ sudo ufw logging HIGH $ sudo ufw logging on $ sudo ufw logging off $/etc/ufw# ls after6.rules after.rules applications.d before6.rules before.rules sysctl.conf ufw.conf $ Watching the streaming firewall log file tail -f file | grep --line-buffered UFW $ Adding IPv6 support $ nano /etc/default/ufw $ ---> add "IPV6=yes" $ sudo ufw reload