Mastering UFW: Rare and Essential Commands for Securing Your Linux System

5 Rare UFW Commands

• Limiting Connections to Prevent Brute Force Attacks You can limit the number of connections to a service to protect against brute-force attacks. For example, to limit SSH connections, allowing only 6 attempts within 30 seconds:

sudo ufw limit ssh        

This helps block clients that exceed this rate.

• Allow Connections from a Specific IP To allow traffic only from a specific IP address, you can use:

sudo ufw allow from 192.168.1.100        

This will allow access to your system only from 192.168.1.100.

• Allow Connections to a Specific Port from an IP Range You can allow traffic from a specific range of IP addresses to a particular port. For example, to allow a range of IPs access to port 8080:

sudo ufw allow from 192.168.1.0/24 to any port 8080        

• Reject (Instead of Deny) a Connection While the deny command silently blocks traffic, the reject command actively informs the client that the connection is blocked. This can be helpful for troubleshooting purposes:

sudo ufw reject 443/tcp        

The client will receive a response that the connection was explicitly rejected, rather than just timing out.

• Setting Default Policies for Incoming and Outgoing Traffic Instead of manually allowing or denying traffic, you can set default policies for all incoming or outgoing traffic. For instance, to deny all incoming traffic but allow outgoing traffic by default:

sudo ufw default deny incoming
sudo ufw default allow outgoing        

Conclusion

These commands offer more advanced control over your firewall settings, allowing you to fine-tune security and manage traffic more effectively. Incorporating these rare UFW commands into your security setup will help you address a wider range of use cases, from IP-based filtering to brute-force protection.

Deepak Kumar