UFW Firewall Configuration

UFW (Uncomplicated Firewall) is a firewall tool built on iptables, making it easier to manage.

Installation

apt update
apt install -y ufw

Basic Policy Settings

# Varsayılan: gelen trafiği engelle, giden trafiğe izin ver
ufw default deny incoming
ufw default allow outgoing

Port Permissions

Mandatory Services

# SSH (önce bunu yapın, yoksa erişimi kesersiniz!)
ufw allow ssh           # veya: ufw allow 22/tcp

# HTTP ve HTTPS
ufw allow http          # 80/tcp
ufw allow https         # 443/tcp

Specific Port Range

# Oyun sunucuları için örnek
ufw allow 25565:25575/tcp
ufw allow 25565:25575/udp

Allow Specific IP

# Sadece belirli bir IP'den SSH erişimi
ufw allow from 1.2.3.4 to any port 22

Enable UFW

danger

SSH erişimine izin verdikten sonra etkinleştirin!

ufw enable

Status and Rules Management

# Mevcut kuralları listele (numaralı)
ufw status numbered

# Kural sil (numaraya göre)
ufw delete 3

# Servis için izni kaldır
ufw delete allow http

# UFW'yi devre dışı bırak
ufw disable

# Tüm kuralları sıfırla
ufw reset

Example: Full Configuration for Web Server

ufw default deny incoming
ufw default allow outgoing
ufw allow ssh
ufw allow http
ufw allow https
ufw enable
ufw status verbose

Expected output:

Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
80/tcp                     ALLOW IN    Anywhere
443/tcp                    ALLOW IN    Anywhere

Installation​

Basic Policy Settings​

Port Permissions​

Mandatory Services​

Specific Port Range​

Allow Specific IP​

Enable UFW​

Status and Rules Management​

Example: Full Configuration for Web Server​

Installation

Basic Policy Settings

Port Permissions

Mandatory Services

Specific Port Range

Allow Specific IP

Enable UFW

Status and Rules Management

Example: Full Configuration for Web Server