UFW – Uncomplicated Firewall
The default firewall configuration tool for Ubuntu is ufw. Developed to ease iptables firewall configuration, ufw provides a user friendly way to create an IPv4 or IPv6 host-based firewall. By default UFW is disabled.
To allow a port (ex. SSH = 22)
ufw allow 22
To allow all http, https traffic over TCP
ufw allow proto tcp from any to any port 80,443
To allow specific access from an IP range or drop the /24 for specific IP
ufw allow from 1.2.3.0/24 to any port 3306
To block a malicious IP
ufw deny from 1.2.3.4
To view the list of open ports
ufw status
*Note you may need to prefix these with sudo if you’re not logged in as root. ex. ‘sudo ufw …’