Uncomplicated Firewall

Uncomplicated Firewall (UFW) is a program for managing a netfilter firewall designed to be easy to use. It uses a command-line interface consisting of a small number of simple commands, and uses iptables for configuration. UFW is available by default in all Ubuntu installations after 8.04 LTS.[1]

Uncomplicated Firewall
Stable release
0.36-7[1] / October 22, 2020; 13 months ago (2020-10-22)
Written inPython
Operating systemLinux
LicenseGNU General Public License
Websitelaunchpad.net/ufw, manpages.ubuntu.com/manpages/bionic/en/man8/ufw.8.html

GUIs for Uncomplicated FirewallEdit

Gufw (GUI for Uncomplicated Firewall)
GUI for Uncomplicated Firewall
Original author(s)Gufw Developers
Stable release
Written inPython, PyGObject
Operating systemLinux
Available inMore languages
LicenseGNU General Public License
Developer(s)KLajos et al.
Operating systemLinux
LicenseGNU General Public License
UFW KControl Module
Operating systemLinux
LicenseGNU General Public License
UFW Frontends
Original author(s)Darwin Bautista
Stable release
0.3.2 / 2012; 9 years ago (2012)
Written inPython, PyGTK
Operating systemLinux
LicenseGNU General Public License

Gufw is intended to be an easy, intuitive graphical user interface for managing Uncomplicated Firewall. It supports common tasks such as allowing or blocking pre-configured, common P2P, or individual ports. Gufw has been designed for Ubuntu, but is also available in Debian-based distributions and in Arch Linux; anywhere Python, GTK and UFW are available.


Netfilter feature[2] 0.16.2 (8.04 LTS) 0.30 (10.04 LTS) 0.31.1-1 (12.04 LTS) 0.34-0 (14.04 LTS) 0.35-0 (16.04 LTS)
Default incoming policy (allow/deny) Yes Yes Yes Yes Yes
Allow/deny incoming rules Yes Yes Yes Yes Yes
IPv6 Yes Yes Yes Yes Yes
Status Yes Yes Yes Yes Yes
Logging (on/off) Yes Yes Yes Yes Yes
Extensible framework Yes Yes Yes Yes Yes
Application integration - Yes Yes Yes Yes
Limit incoming rules (rate limiting) - Yes Yes Yes Yes
Multiport incoming rules - Yes Yes Yes Yes
debconf/preseeding - Yes Yes Yes Yes
Default incoming policy (reject) - Yes Yes Yes Yes
Reject incoming rules - Yes Yes Yes Yes
Rule insertion - Yes Yes Yes Yes
Log levels - Yes Yes Yes Yes
Per rule logging - Yes Yes Yes Yes
Outgoing filtering (on par with incoming) - Yes Yes Yes Yes
Filtering by interface - Yes Yes Yes Yes
Bash completion - Yes Yes Yes Yes
Upstart support - Yes Yes Yes Yes
Improved reporting - Yes Yes Yes Yes
Reset command - Yes Yes Yes Yes
rsyslog support - Yes Yes Yes Yes
Delete by rule number - Yes Yes Yes Yes
Python 2.6 support - - Yes Yes Yes
'show listening' report - - Yes Yes Yes
Python 2.7 support - - Yes Yes Yes
Increased protocol support (ah, esp) - - Yes Yes Yes
IPv6 rate limiting via 'limit' command - - - Yes Yes
Python 3.2 support - - - Yes Yes
Python 3.3 support - - - Yes Yes
'show added' report - - - Yes Yes
Python 3.4 support - - - Yes Yes
Before/after extensibility hooks - - - Yes Yes
Routed packet filtering (FORWARD) - - - Yes Yes
systemd support - - - - Yes
Increased protocol support (igmp, gre) - - - - Yes
Python 3.5 support - - - - Yes
Snappy for Ubuntu Core support - - - - Yes
Per rule comments - - - - Yes


  1. ^ a b "UncomplicatedFirewall". Ubuntu. Retrieved 26 December 2019.
  2. ^ "UFW in Ubuntu". Ubuntu. Retrieved 21 November 2016.

External linksEdit