One of the most common tasks when managing a firewall is updating or deleting rules. Deleting a firewall rule should be done carefully because any mistake can expose the server to unwanted traffic.
In this guide, we will learn how to delete UFW rules on Ubuntu.
Prerequisites
To run the UFW commands in this guide, you need:
- A Linux distribution with UFW installed and enabled
- A user account with sudo privileges
Delete a UFW Rule
Before changing anything on the UFW firewall, it is important to know the existing rules. Listing the UFW rules shows which rules are currently defined on the firewall.
There are two ways to delete UFW rules:
- By rule number
- By specification
1. Delete a UFW Rule by rule number
Deleting UFW rules by rule number is easier because you only need to specify the number of the rule to delete. First, list the rules with their numbers:
sudo ufw status numbered
Status: active
To Action From
-- ------ ----
[ 1] OpenSSH ALLOW IN Anywhere
[ 2] 80 ALLOW IN Anywhere
[ 3] 443 ALLOW IN Anywhere
[ 4] OpenSSH (v6) ALLOW IN Anywhere (v6)
[ 5] 80 (v6) ALLOW IN Anywhere (v6)
[ 6] 443 (v6) ALLOW IN Anywhere (v6)
Once the number has been identified, you can delete the rule:
sudo ufw delete 2
Deleting:
allow 80
Proceed with operation (y|n)?
As you can see, you need to confirm the operation.
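When a rule is removed by number, the remaining rules are renumbered. Also be aware that deleting a rule by number removes only that one entry: it does not automatically remove the matching rule for the other IP version, so you have to delete the IPv4 and IPv6 rules separately. In the listing below, the IPv4 rule for port 80 is gone, but the IPv6 rule for port 80 is still present and has moved from number 5 to number 4.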
sudo ufw status numbered
Status: active
To Action From
-- ------ ----
[ 1] OpenSSH ALLOW IN Anywhere
[ 2] 443 ALLOW IN Anywhere
[ 3] OpenSSH (v6) ALLOW IN Anywhere (v6)
[ 4] 80 (v6) ALLOW IN Anywhere (v6)
[ 5] 443 (v6) ALLOW IN Anywhere (v6)
Make sure to always check the rule numbers again before each deletion.
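The renumbering and IPv4/IPv6 behaviour described above, as an added example that is not part of the original guide: the helpers rule_numbers_for and plan_delete (hypothetical names) read `ufw status numbered` output, find both the IPv4 and IPv6 entries for a target, and print the delete commands highest number first, so an earlier deletion cannot shift the number of a later one. The embedded listing is a constructed sample based on the output shown above, and the list of SSH targets that the script refuses is an assumption.

```shell
#!/bin/sh
# Added example: plan number-based deletions so renumbering cannot bite.

# Constructed sample input: the first `ufw status numbered` listing in this guide.
SAMPLE_STATUS='Status: active
To Action From
-- ------ ----
[ 1] OpenSSH ALLOW IN Anywhere
[ 2] 80 ALLOW IN Anywhere
[ 3] 443 ALLOW IN Anywhere
[ 4] OpenSSH (v6) ALLOW IN Anywhere (v6)
[ 5] 80 (v6) ALLOW IN Anywhere (v6)
[ 6] 443 (v6) ALLOW IN Anywhere (v6)'

# rule_numbers_for TARGET  (hypothetical helper)
# Reads `ufw status numbered` output on stdin and prints the number of every
# rule whose "To" column is exactly TARGET or "TARGET (v6)", highest first.
rule_numbers_for() {
  awk -v t="$1" '
    match($0, /^\[ *[0-9]+\] */) {
      num = $0; sub(/^\[ */, "", num); sub(/\].*/, "", num)
      rest = substr($0, RLENGTH + 1)
      # The "To" column ends where the action keyword starts.
      if (!match(rest, / +(ALLOW|DENY|REJECT|LIMIT)( |$)/)) next
      to = substr(rest, 1, RSTART - 1)
      sub(/ \(v6\)$/, "", to)          # treat the IPv6 twin as the same rule
      if (to == t) print num
    }' | sort -rn
}

# plan_delete TARGET  (hypothetical helper)
# Prints the delete commands to run, in an order that stays valid after each
# deletion. Refuses SSH targets so the plan never cuts off remote access.
plan_delete() {
  case "$1" in
    OpenSSH|ssh|22|22/tcp)
      echo "refusing to plan deletion of SSH rule: $1" >&2
      return 1 ;;
  esac
  rule_numbers_for "$1" | while read -r n; do
    echo "sudo ufw delete $n"
  done
}

# Demo on the constructed sample; on a live host pipe in: sudo ufw status numbered
printf '%s\n' "$SAMPLE_STATUS" | plan_delete 80
```

The script only prints the commands, so each `ufw delete` still asks for confirmation when you run it.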
2. Delete a UFW Rule by ufw delete Command
The second way to delete a rule is to repeat the ufw command that created the rule, with the delete option added. For example, if you added a rule that opens port 443 with the command sudo ufw allow 443, delete it as follows:
sudo ufw delete allow 443
Rule deleted
Rule deleted (v6)
As you can see, removing a rule by specification automatically removes the rules for both IPv4 and IPv6.
3. ufw disable
This will disable the firewall but keep all rules in place. Disabling UFW doesn't delete rules from the system.
While UFW is disabled, all connections are allowed through, so you need to be careful when using it. The good thing is that when you enable UFW again later, all rules become active again.
sudo ufw disable
Firewall stopped and disabled on system startup
4. UFW Reset
UFW reset deletes all rules after backing them up to a location on disk. The system goes back to the default firewall state.
sudo ufw reset
Resetting all rules to installed defaults. This may disrupt existing ssh
connections. Proceed with operation (y|n)?
A reset can be useful if you would like to start from zero because of some misconfiguration. You also need to be careful when using this command, as it may disrupt your SSH access to the server.
Conclusion
In this guide, we learned how to delete UFW rules in Ubuntu.
Make sure to always keep your SSH rule and never delete it; otherwise, you can lose your SSH access.