How to Install & Configure UFW Firewall on Ubuntu 22.04 LTS

A properly configured firewall is one of the keystones of system security on any operating system. Ubuntu uses iptables; however, most users will manage it through a front end, UFW (Uncomplicated Firewall).

Among the benefits of UFW are its simplicity and its user-friendly, easy-to-use command line, which suit everyone from Linux beginners to the most advanced power users.

In the following tutorial, you will learn to install and set up UFW Firewall on Ubuntu 22.04 LTS Jammy Jellyfish desktop or server using the command line terminal along with some basic examples of using UFW. Please note that the tutorial covers some points that are commonly used. UFW can achieve much more and be integrated into software such as ModSecurity and Fail2Ban, to name a few. Still, for the majority, this tutorial is a great start.

Update Ubuntu

Before you begin, run a quick update to ensure your system packages are up-to-date to avoid conflicts.

sudo apt update && sudo apt upgrade -y

Enable, Install or Remove UFW

By default, UFW should be installed, but if this has been removed, re-install UFW.

sudo apt install ufw -y

Once installed, enable ufw.

sudo systemctl enable ufw --now

Next, verify the status of UFW to make sure it is active and without errors.

systemctl status ufw

The next step in setting up a UFW firewall will be to enable the firewall itself.

sudo ufw enable

Example output:

Firewall is active and enabled on system startup

By default, once the firewall is live, all incoming traffic is blocked and all outbound traffic is allowed. This immediately protects your system by stopping anyone from connecting to it remotely.

In the future, if you need to disable UFW for a temporary period, use the following command.

sudo ufw disable

To remove UFW altogether from your system (not recommended), use the following command.

sudo apt remove ufw --purge

Do not remove UFW unless you have a solid alternative or know how to use iptables directly, especially when running a server environment connected to the public. Removing it there will be disastrous.

Check UFW Status

Once UFW is enabled, view the status of the firewall and the active rules with the following.

sudo ufw status verbose

The above example used the verbose flag, and an alternative option is to list the rules in number sequence, which is far more manageable later on when deleting rules.

sudo ufw status numbered

Your UFW rules now carry number labels such as [ 1] and [ 2] for identification.

Set/Configure UFW Default Policies

The default policy of the UFW firewall is to deny all incoming connections and allow only outbound connections from the system. This is typically the most secure default, as no one can reach your server unless you allow IP addresses/ranges, programs, ports, or combinations of these. Your system, by default, can access the outside, which you should not adjust unless you have specific security requirements.

The default UFW firewall policies can be found in the location /etc/default/ufw.

To adjust the policies, type the following commands:

Deny all incoming connections:

sudo ufw default deny incoming

Allow all outgoing connections:

sudo ufw default allow outgoing

These are already the default policies when UFW is enabled, but you can use the same principle to change them around to suit your purpose.

For example, all incoming communication is blocked by default, but if you also want all outgoing traffic blocked, with only approved outbound connections allowed, use the following command.

Block all outgoing connections:

sudo ufw default deny outgoing

This is an extreme measure; blocking incoming connections is usually enough for the average server and desktop, but specific environments can benefit from the extra security precaution. The downside is that you need to maintain rules for all outgoing connections, which can be time-consuming as you continually set new rules.

View UFW Application Profiles

To show all application profiles, type the following.

sudo ufw app list

The above is just an example, and everyone will have different lists as no one will have the same applications installed.

A handy feature of application profiles is finding out more about a service listed in the UFW application list.

To do this, type the following command to find more information about an existing profile.

sudo ufw app info 'Nginx Full'

As above, the printout shows the application's general description and the ports it uses. This is a handy feature when you investigate open ports and are unsure what applications they relate to and what they do.

Allow/Enable IPv6 on UFW

If your system is configured with IPv6, you need to ensure UFW is configured with IPv6 and IPv4 support. By default, this should be automatically enabled; however, you should check and, if need be, modify it as follows.

Open the default UFW firewall file.

sudo nano /etc/default/ufw

Adjust the following line to yes if not set.


Press CTRL+O to save the new changes to the file, then press CTRL+X to exit the file.

Now restart the UFW firewall service to make the changes active.

sudo systemctl restart ufw

Allow/Enable UFW SSH Connections

By default, UFW does not allow SSH connections. If you had already enabled the firewall remotely, you would have noticed yourself locked out.

To fix this, you need to set the following SSH configuration before enabling UFW firewall, especially if connected to a remote server.

First, allow the SSH service.

sudo ufw allow ssh

If you have set up a custom listening port for SSH connections other than the default port 22, for example, port 3541, you will open the port on the UFW firewall by typing the following.

sudo ufw allow 3541/tcp

You may instead want to block all SSH connections, or change the port and block the old one.

To block all SSH connections (make sure local access is possible), use the following command.

sudo ufw deny ssh/tcp

If changing the custom SSH port, open the new port and close the existing one; the tutorial example is port 3541.

sudo ufw deny 3541/tcp
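
A pre-flight check for the lockout described in this section, which also covers the IPv6 setting from the previous section. This is an added example, not part of the original tutorial; it assumes the rules are piped in from "ufw show added", that sshd_config uses plain "Port N" lines, and that the line expected in /etc/default/ufw is IPV6=yes. The function names are made up for this example.

```sh
# Added example (not from the original tutorial): checks to run before
# "ufw enable" on a remote host. Assumptions: a rule limited to one source
# address still counts as a match, and port ranges are not evaluated.

# Print the port(s) sshd listens on; 22 when no Port line is present.
sshd_ports() (
    ports=$(awk 'tolower($1) == "port" { print $2 }' "$1")
    echo "${ports:-22}"
)

# Exit 0 if the rule list on stdin has a TCP-capable allow rule for port $1.
port_allowed() {
    awk -v p="$1" '
        $1 == "ufw" && $2 == "allow" && $0 !~ /proto udp/ {
            for (i = 3; i <= NF; i++) {
                if ($i == p || $i == p "/tcp") ok = 1
                if (p == 22 && ($i == "ssh" || $i == "OpenSSH")) ok = 1
            }
        }
        END { exit !ok }'
}

# Exit 0 if the UFW defaults file sets IPV6=yes.
ipv6_enabled() {
    grep -Eq '^[[:space:]]*IPV6="?yes"?[[:space:]]*$' "$1"
}

# Usage: sudo ufw show added | preflight /etc/ssh/sshd_config /etc/default/ufw
# Prints findings; exits non-zero if enabling UFW would block sshd.
preflight() (
    rules=$(cat); rc=0
    for port in $(sshd_ports "$1"); do
        printf '%s\n' "$rules" | port_allowed "$port" ||
            { echo "LOCKOUT RISK: no allow rule for SSH port $port/tcp"; rc=1; }
    done
    ipv6_enabled "$2" || echo "NOTE: IPV6=yes is not set in $2"
    exit "$rc"
)

# Constructed sample: sshd moved to the tutorial's port 3541, but only the
# default port 22 rule exists, so enabling UFW would cut the session off.
demo() (
    tmp=$(mktemp -d)
    printf 'Port 3541\n' > "$tmp/sshd_config"; printf 'IPV6=yes\n' > "$tmp/ufw"
    printf 'ufw allow 22/tcp\nufw allow 80/tcp\n' |
        preflight "$tmp/sshd_config" "$tmp/ufw"; rc=$?
    rm -rf "$tmp"; exit "$rc"
)
demo || true
```

Run the check before enabling the firewall and add the missing rule for every port it reports.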

Allow/Enable UFW Ports

With UFW, you can open specific ports in the firewall to allow connections for a particular application, and you can set customized rules for that application. A good example is a web server, which listens on port 80 (HTTP) and 443 (HTTPS) by default.

Allow HTTP Port 80

Allow by application profile:

sudo ufw allow 'Nginx HTTP'

Allow by service name:

sudo ufw allow http

Allow by port number:

sudo ufw allow 80/tcp

Allow HTTPS Port 443

Allow by application profile:

sudo ufw allow 'Nginx HTTPS'

Allow by service name:

sudo ufw allow https

Allow by port number:

sudo ufw allow 443/tcp

Note that you can allow both HTTP and HTTPS at once by using the following command.

sudo ufw allow 'Nginx Full'

UFW Allow Port Ranges

UFW can allow access to port ranges. When opening a port range, you must identify the port protocol.

Allow port range with TCP & UDP:

sudo ufw allow 6500:6800/tcp
sudo ufw allow 6500:6800/udp

Alternatively, you can allow multiple ports in one rule, although a range may be more convenient. Separate the ports with commas and no spaces.

sudo ufw allow 6500,6501,6505,6509/tcp
sudo ufw allow 6500,6501,6505,6509/udp

Allow/Enable Remote Connections on UFW

UFW Allow Specific IP Address

For example, if you are on an internal network and the systems need to communicate with each other, allow a specified IP address with the following command, replacing IP_ADDRESS with the address to allow.

sudo ufw allow from IP_ADDRESS

UFW Allow Specific IP Address on Specific Port

To enable an IP to connect to your system on a defined port (example port “3900”), type the following, replacing IP_ADDRESS with the address to allow.

sudo ufw allow from IP_ADDRESS to any port 3900

Allow Subnet Connections to a Specified Port

If you require a whole range of connections from an IP range subnet to a particular port, you can enable this by creating the following rule, replacing SUBNET with the range in CIDR notation.

sudo ufw allow from SUBNET to any port 3900

This will allow every IP address in that subnet to connect to port 3900.

Allow Specific Network Interface

For example, to allow connections arriving on a particular network interface, “eth2”, to a specified port, 3900, create the following rule.

sudo ufw allow in on eth2 to any port 3900

Deny/Block Remote Connections on UFW

As per the default setup policy of UFW, when installed, all incoming connections are set to “deny.” This rejects all incoming traffic unless you create a rule to allow the connections to come through.

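However, suppose you have noticed in your logs a particular IP address that keeps attacking you. Block it with the following, replacing IP_ADDRESS with the offending address.

sudo ufw deny from IP_ADDRESS

If an attacker uses multiple IP addresses from the same subnet, block the whole subnet with the following, replacing SUBNET with the range in CIDR notation.

sudo ufw deny from SUBNET

You can create specific rules to deny access to particular ports. Type the following example, replacing IP_ADDRESS with the address or subnet to block. UFW evaluates rules in order and stops at the first match, so a deny rule added after an existing allow rule for the same port has no effect unless it is inserted ahead of that rule.

sudo ufw deny from IP_ADDRESS to any port 80
sudo ufw deny from IP_ADDRESS to any port 443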

Delete/Remove UFW Rules

To delete a UFW rule using the rule number, you must list the rule numbers by typing the following.

sudo ufw status numbered

The example will delete the third rule, for the IP address highlighted above.

Type the following in your terminal.

sudo ufw delete 3

Type Y, then press the ENTER KEY to proceed with the removal of the rule number. In this case, it was rule number three in the tutorial example above.

Access and View UFW Logs

UFW logging is set to low by default, which is fine for most desktop systems. However, servers may require a higher level of logging.

To set UFW logging to low (default):

sudo ufw logging low

To set UFW logging to medium monitoring:

sudo ufw logging medium

To set UFW logging to high:

sudo ufw logging high

The last option is to disable logging altogether. Be sure you are happy with this and will not need to check logs.

sudo ufw logging off

UFW logs are kept in the default location of /var/log/ufw.log.

An easy, quick way to view live logs is to use the tail command.

sudo tail -f /var/log/ufw.log

Alternatively, you can print out a number of recent lines with the -n <number> flag.

sudo tail -n 30 /var/log/ufw.log

This will print out the last 30 lines of the log. You can further fine-tune with grep and other sorting commands.

Test UFW Rules

On highly critical systems, a good option when playing around with the firewall settings is to add the --dry-run flag. It shows the changes the command would have made without applying them.

sudo ufw --dry-run enable

To disable the --dry-run flag, use the following command.

sudo ufw --dry-run disable

Reset UFW Rules

To reset your firewall back to its original state, with all incoming blocked and outgoing set to allow, type the following.

sudo ufw reset

To confirm the reset, enter the following:

sudo ufw status

The output should be:

Status: inactive 

With the UFW firewall reset, you will now need to re-enable the firewall and start the entire process of adding rules. The reset command should be used sparingly if possible.

Find/Search All Open Ports (Security Check)

Most users do not realize that their systems can have ports open. In an age when every IP address on the Internet is scanned daily, it is crucial to watch what is happening behind the scenes.

The best option is to install Nmap and then use this well-known application to list the open ports.

sudo apt install nmap -y

Next, find the internal IP address of the system.

hostname -I

Example output:

Now use the following Nmap command with the server’s IP address.


As above, all ports are closed except for port 80, which is what is allowed in UFW rules, so this is satisfactory.

However, if you find open ports and are unsure what they are, investigate them before you close or block them, as this may break services or, in the worst case, lock you out of a server.

From this point, you can create custom UFW rules that you have learned in the tutorial to close or restrict the open ports.
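
A local cross-check that complements the scan: list the TCP ports listening on non-loopback addresses and flag any that are not on your list of intended ports, so you know what to investigate. This is an added example, not part of the original tutorial; it assumes the column layout of "ss -tln" from iproute2, and the sample output is constructed.

```sh
# Added example (not from the original tutorial): find listening TCP ports
# that you did not intend to expose, from "ss -tln" output on stdin.

# Print each port that listens on a non-loopback address, once, sorted.
exposed_listeners() {
    awk '
        $1 == "LISTEN" {
            addr = $4
            port = addr; sub(/.*:/, "", port)       # text after the last ":"
            host = substr(addr, 1, length(addr) - length(port) - 1)
            sub(/%.*/, "", host)                    # drop a "%lo" scope suffix
            if (host ~ /^127\./ || host == "[::1]") next
            print port
        }' | sort -un
}

# Print exposed ports that are not in the allowed list given as arguments.
unexpected_ports() (
    allowed=" $* "
    exposed_listeners | while read -r port; do
        case "$allowed" in *" $port "*) ;; *) echo "$port" ;; esac
    done
)

# Constructed sample of "ss -tln" output: SSH and HTTP are intended,
# the database on 3306 is bound to every interface by mistake.
sample_ss() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      511    0.0.0.0:80         0.0.0.0:*
LISTEN 0      4096   127.0.0.53%lo:53   0.0.0.0:*
LISTEN 0      128    127.0.0.1:631      0.0.0.0:*
LISTEN 0      151    *:3306             *:*
LISTEN 0      128    [::]:22            [::]:*
LISTEN 0      128    [::1]:631          [::]:*
EOF
}

sample_ss | unexpected_ports 22 80
```

On a live system, run: ss -tln | unexpected_ports 22 80 (with your own list of intended ports).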

Comments and Conclusion

The tutorial has successfully shown you how to set up and configure UFW for desktop or server on Ubuntu 22.04 LTS.

UFW is highly recommended as it’s a simple firewall system compared to other options that may confuse non-power users. Given the rise of cybercrime and hacking, it’s a quick, sure way to safeguard your system.

The one area where UFW starts to fall short is very large rule sets and IP blacklists, where you may have hundreds of thousands if not millions of IP addresses being blocked. Other alternatives may be needed, but this won’t affect most users, as those servers typically have a good option ready.
