UFW (Uncomplicated Firewall) is an easy-to-use command-line program for managing the Netfilter firewall. It acts as a frontend for iptables configuration using simple commands. UFW was originally designed for Ubuntu and has shipped with it since the 8.04 LTS release.
Every firewall has rules to control individual packets. Rules are written to allow or deny packets entering or leaving the system.
In this guide, we learn how to list UFW rules from the terminal.
Prerequisites
- A working Ubuntu or Debian-based system.
- Access to the terminal.
- A user with sudo privilege.
Listing UFW Rules
Listing UFW rules lets you check which rules the firewall is enforcing. We will go through four ways to list UFW rules from the terminal.
1. ufw status
The ufw status command lists all the rules created with ufw from the terminal. It also shows whether the UFW firewall is active or inactive.
sudo ufw status
Output
Status: active
To Action From
-- ------ ----
22 ALLOW Anywhere
80 ALLOW Anywhere
22 (v6) ALLOW Anywhere (v6)
80 (v6) ALLOW Anywhere (v6)
The first line shows the status of the firewall. Active means the firewall is enabled and running. The following lines list all the UFW rules you added from the terminal.
Remember that ufw status does not list rules added directly in the ufw rule files; it shows only the enforced rules that were added from the terminal.
2. ufw status verbose
To list all rules with more information, add verbose to the ufw status command. The verbose output includes the logging level, the default policies, and a brief description of each rule (the application profile name, such as OpenSSH).
sudo ufw status verbose
Output
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To Action From
-- ------ ----
22/tcp (OpenSSH) ALLOW IN Anywhere
80/tcp (Apache) ALLOW IN Anywhere
5666 ALLOW IN Anywhere
20:21/tcp ALLOW IN Anywhere
443 ALLOW IN Anywhere
22/tcp (OpenSSH (v6)) ALLOW IN Anywhere (v6)
80/tcp (Apache (v6)) ALLOW IN Anywhere (v6)
5666 (v6) ALLOW IN Anywhere (v6)
20:21/tcp (v6) ALLOW IN Anywhere (v6)
443 (v6) ALLOW IN Anywhere (v6)
3. ufw status numbered
You can list all rules with an index number against each rule. Numbering starts at 1 and follows the order in which you added the rules.
Use ufw status followed by the numbered option:
sudo ufw status numbered
Output
Status: active
To Action From
-- ------ ----
[ 1] OpenSSH ALLOW IN Anywhere
[ 2] Apache ALLOW IN Anywhere
[ 3] 5666 ALLOW IN Anywhere
[ 4] 20:21/tcp ALLOW IN Anywhere
[ 5] 443 ALLOW IN Anywhere
[ 6] OpenSSH (v6) ALLOW IN Anywhere (v6)
[ 7] Apache (v6) ALLOW IN Anywhere (v6)
[ 8] 5666 (v6) ALLOW IN Anywhere (v6)
[ 9] 20:21/tcp (v6) ALLOW IN Anywhere (v6)
[10] 443 (v6) ALLOW IN Anywhere (v6)
Besides listing all rules, the numbered option lets you delete a specific rule.
Pick the index number from the list and run the following command to delete that rule. Note that the remaining rules are renumbered after a deletion, so list them again before deleting another rule by number.
sudo ufw delete 5
Output
Deleting:
allow 40000:50000/tcp
Proceed with operation (y|n)? y
Rule deleted
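Because rule numbers shift after each deletion, an administrator who wants to remove several rules by number, or to audit the firewall state on many hosts, is better served by parsing saved ufw status output than by reading it by eye. The following shell functions are an added example written for this guide, not part of UFW or of the original post. They work offline on constructed copies of the verbose and numbered outputs shown above (the SAMPLE_* variables are constructed here, and SAMPLE_OPEN is a deliberately weakened variant), so they run without ufw installed; on a real host you would feed them the output of sudo ufw status verbose and sudo ufw status numbered. The function names and the UFW_APPLY variable are this example's own choices.

```shell
#!/bin/sh
# Added example: parse saved "ufw status" output to (a) check the firewall
# baseline and (b) resolve rule numbers so they can be deleted safely.

# Constructed sample of "sudo ufw status verbose" (shape copied from the guide).
SAMPLE_VERBOSE='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp (OpenSSH)           ALLOW IN    Anywhere
80/tcp (Apache)            ALLOW IN    Anywhere'

# Constructed weakened variant: default incoming policy switched to allow.
SAMPLE_OPEN='Status: active
Logging: on (low)
Default: allow (incoming), allow (outgoing), deny (routed)'

# Constructed sample of "sudo ufw status numbered" (same rules as the guide).
SAMPLE_NUMBERED='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] OpenSSH                    ALLOW IN    Anywhere
[ 2] Apache                     ALLOW IN    Anywhere
[ 3] 5666                       ALLOW IN    Anywhere
[ 4] 20:21/tcp                  ALLOW IN    Anywhere
[ 5] 443                        ALLOW IN    Anywhere
[ 6] OpenSSH (v6)               ALLOW IN    Anywhere (v6)
[ 7] Apache (v6)                ALLOW IN    Anywhere (v6)
[ 8] 5666 (v6)                  ALLOW IN    Anywhere (v6)
[ 9] 20:21/tcp (v6)             ALLOW IN    Anywhere (v6)
[10] 443 (v6)                   ALLOW IN    Anywhere (v6)'

# ufw_status_state OUTPUT: prints "active" or "inactive" from the Status line.
ufw_status_state() {
    printf '%s\n' "$1" | sed -n 's/^Status: *//p' | head -n 1
}

# ufw_default_incoming VERBOSE_OUTPUT: prints the default incoming policy.
ufw_default_incoming() {
    printf '%s\n' "$1" | sed -n 's/^Default: *\([a-z]*\) (incoming).*/\1/p'
}

# ufw_check_baseline VERBOSE_OUTPUT: succeeds only if the firewall is active
# and incoming traffic is denied by default (the posture the guide's output shows).
ufw_check_baseline() {
    [ "$(ufw_status_state "$1")" = "active" ] &&
    [ "$(ufw_default_incoming "$1")" = "deny" ]
}

# ufw_rule_numbers NUMBERED_OUTPUT PATTERN: prints the index of every rule whose
# "To" column matches the extended regex PATTERN, highest number first. Deleting
# rule 3 renumbers rules 4..n, so deleting from the highest index downwards keeps
# every remaining number valid.
ufw_rule_numbers() {
    printf '%s\n' "$1" | awk -v pat="$2" '
        /^\[ *[0-9]+]/ {
            n = $0; sub(/^\[ */, "", n); sub(/].*/, "", n)          # index in brackets
            to = $0; sub(/^\[ *[0-9]+] */, "", to)                  # drop the index
            sub(/ +(ALLOW|DENY|REJECT|LIMIT).*/, "", to)            # keep the To column
            if (to ~ pat) print n
        }' | sort -rn
}

# ufw_delete_matching PATTERN: deletes the matching rules in safe order. It only
# prints the commands unless UFW_APPLY=1 is set, so a typo in PATTERN cannot
# silently strip rules; the numbers are read from the live firewall.
ufw_delete_matching() {
    for n in $(ufw_rule_numbers "$(sudo ufw status numbered)" "$1"); do
        if [ "${UFW_APPLY:-0}" = "1" ]; then
            sudo ufw --force delete "$n"
        else
            echo "would run: sudo ufw --force delete $n"
        fi
    done
}

# Stand-alone demonstration on the constructed samples.
echo "firewall state:   $(ufw_status_state "$SAMPLE_NUMBERED")"
echo "default incoming: $(ufw_default_incoming "$SAMPLE_VERBOSE")"
echo "rules for 443 (delete in this order): $(ufw_rule_numbers "$SAMPLE_NUMBERED" '^443' | tr '\n' ' ')"
ufw_check_baseline "$SAMPLE_OPEN" || echo "SAMPLE_OPEN fails the baseline: incoming is not denied by default"
```

On the sample, the 443 rules resolve to 10 and 5; deleting 10 first leaves rule 5 where it was, whereas deleting 5 first would move the IPv6 rule to position 9. The baseline check is the kind of assertion worth running from a configuration-management or monitoring job, since a firewall that reports active but defaults to allow incoming is effectively off.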
4. Rule files
More advanced or specific rules are added in rule files. The UFW rule files are located in /etc/ufw/: /etc/ufw/before.rules, /etc/ufw/after.rules and /etc/ufw/user.rules.
You may also read the rule files to list UFW rules when the firewall is inactive. Alternatively, use the ufw show added command.
All the ufw rules added from the terminal are stored in the user.rules file. You may add advanced rules using the standard iptables-restore syntax in the before.rules and after.rules files.
Use your favourite editor, such as vi or nano, or the cat command to view the rules in these files. They are readable only by root, so prefix the command with sudo:
sudo nano /etc/ufw/user.rules
Conclusion
In this guide, we learned how to list UFW rules from the terminal.
This helps you verify the incoming and outgoing firewall rules you have added to your server. If you are not happy with a rule you can delete it, or add new rules as required to improve the security of your system.