Linux

How to delete a UFW firewall rule on Ubuntu, Debian Linux

How do I remove and delete a UFW firewall rule running on Ubuntu or Debian Linux?

UFW is an acronym for an uncomplicated firewall. Securing a network with the uncomplicated firewall is super easy. The Ubuntu Linux comes with packet filtering called Netfilter. The iptables frontend command used to manage netfilter. However, ufw provides easy to use front-end for netfilter, and it is one of the most popular among Ubuntu and Debian Linux sysadmins and developers. This page shows how to remove a UFW firewall rule.

 

Procedure to list and delete UFW firewall rules

  1. Log in to server
  2. Display firewall rules, run: sudo ufw status numbered
  3. Delete a ufw firewall rule by rule number # 3: sudo ufw delete 3
  4. Another option to erase a firewall rul is to run: sudo ufw delete allow 22/tcp

Let us see all examples in details.

Warning: Be careful working with firewalls; take care not to lock yourself out of ssh session when deleting rules.

How to list UFW firewall rules

To list and show firewall status, run:
sudo ufw status
Sample outputs:

Status: active
 
To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
25/tcp                     ALLOW       Anywhere                   # accept email
80/tcp                     ALLOW       Anywhere                  
443/tcp                    ALLOW       Anywhere                  
22/tcp (v6)                ALLOW       Anywhere (v6)             
25/tcp (v6)                ALLOW       Anywhere (v6)              # accept email
80/tcp (v6)                ALLOW       Anywhere (v6)             
443/tcp (v6)               ALLOW       Anywhere (v6)

It is possible to see firewall status as numbered list of RULES, enter:
sudo ufw status numbered
Further one can display verbose firewall status, run:
sudo ufw status verbose

Listing UFW rules on Ubuntu or Debian Linux
Listing UFW rules

How to delete a UFW firewall rule

Now you know how to list rules. It is time to delete rules. There are two methotds to delete UFW rules.

Method # 1. Deleting UFW rules by rule number

First list the rules along with line number:
sudo ufw status numbered
Sample outputs shows list of all my UFW rules and their numbers in first column:

Status: active
 
     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere                  
[ 2] 25/tcp                     ALLOW IN    Anywhere                   # accept email
[ 3] 80/tcp                     ALLOW IN    Anywhere                  
[ 4] 443/tcp                    ALLOW IN    Anywhere                  
[ 5] 22/tcp (v6)                ALLOW IN    Anywhere (v6)             
[ 6] 25/tcp (v6)                ALLOW IN    Anywhere (v6)              # accept email
[ 7] 80/tcp (v6)                ALLOW IN    Anywhere (v6)             
[ 8] 443/tcp (v6)               ALLOW IN    Anywhere (v6)

Say you need to delete rule number 2 that opens tcp port 25 (email server), run:
sudo ufw delete {rule-number-here}
sudo ufw delete 2

You need to confirm ‘y’ when prompted to delete the rule from your system and verify it again:
sudo ufw status numbered
How to delete a UFW firewall rule on Linux

Method # 2. Removing UFW rules by ufw syntax

Say you added or open TCP port 80 and 443 using the following syntax:
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw deny 23/tcp

You can delete those two rules using the following syntax (just prefix orignal rule with delete):
sudo ufw delete allow 80/tcp
sudo ufw delete allow 443/tcp
sudo ufw delete deny 23/tcp

Deleting a UFW Firewall Rule
Testing various commands that erased firewall rules

How do I disable ufw?

sudo ufw disable
To enable again, run:
sudo ufw enable

How do I reset ufw?

Want to disables and resets firewall to installation defaults? Try:
sudo ufw reset

Resetting all rules to installed defaults. This may disrupt existing ssh
connections. Proceed with operation (y|n)? y
Backing up 'user.rules' to '/etc/ufw/user.rules.20190714_171037'
Backing up 'before.rules' to '/etc/ufw/before.rules.20190714_171037'
Backing up 'user6.rules' to '/etc/ufw/user6.rules.20190714_171037'
Backing up 'after6.rules' to '/etc/ufw/after6.rules.20190714_171037'
Backing up 'before6.rules' to '/etc/ufw/before6.rules.20190714_171037'
Backing up 'after.rules' to '/etc/ufw/after.rules.20190714_171037'

Conclusion

This page demonstrated various ways to list and remove UFW firewall rules using the command line. Make sure you read ufw man page here and see our other pages below.

Tags
Show More

Leave a Reply

Your email address will not be published. Required fields are marked *

Check Also

Close
Back to top button
Close