ufw

sudo ufw status
sudo ufw status verbose
sudo ufw enable/disable
sudo ufw reset

sudo ufw default deny incoming
sudo ufw default allow outgoing/sudo ufw default deny outgoing

sudo ufw allow ssh OR sudo ufw allow 22/tcp
sudo ufw allow www OR sudo ufw allow 80/tcp
sudo ufw allow ftp OR sudo ufw allow 21/tcp
sudo ufw allow from IPADRESS

sudo ufw delete allow APP/POORT/ETC

sudo ufw status numbered
sudo ufw delete [number]

sudo ufw logging low|medium|high
/var/log/ufw.log

- [UFW BLOCK]: This location is where the description of the logged event will be located. In this instance, it blocked a connection.
- IN: If this contains a value, then the event was incoming
- OUT: If this contain a value, then the event was outgoing
- MAC: A combination of the destination and source MAC addresses
- SRC: The IP of the packet source
- DST: The IP of the packet destination
- LEN: Packet length
- TTL: The packet TTL, or time to live. How long it will bounce between routers until it expires, if no destination is found.
- PROTO: The packet’s protocol
- SPT: The source port of the package
- DPT: The destination port of the package
- WINDOW: The size of the packet the sender can receive
- SYN URGP: Indicated if a three-way handshake is required. 0 means it is not.