Enable UFW:
sudo su ufw enable
The default policy on my Ubuntu-based system is that all incoming network connections are denied, and all outgoing connections are allowed. Programs can see out to the Internet, but they can't see in. I want to be able to connect from other devices in my local network to certain services on my computer, however. (This is not a general purpose server.)
Put in rules to allow local access to HTTP, HTTPS, and SSH, with IPv6 access also for each:
ufw allow proto tcp from 192.168.0.0/16 to any port 22 comment SSH ufw allow proto tcp from 192.168.0.0/16 to any port 80 comment HTTP ufw allow proto tcp from 192.168.0.0/16 to any port 443 comment HTTPS ufw allow proto tcp from fd00::/8 to any port 22 comment "SSH IPv6" ufw allow proto tcp from fd00::/8 to any port 80 comment "HTTP IPv6" ufw allow proto tcp from fd00::/8 to any port 443 comment "HTTPS IPv6"
Display a nice report of the firewall status and rules:
ufw status
Status: active To Action From -- ------ ---- 22/tcp ALLOW 192.168.0.0/16 # SSH 80/tcp ALLOW 192.168.0.0/16 # HTTP 443/tcp ALLOW 192.168.0.0/16 # HTTPS 22/tcp ALLOW fd00::/8 # SSH IPv6 80/tcp ALLOW fd00::/8 # HTTP IPv6 443/tcp ALLOW fd00::/8 # HTTPS IPv6
Start over from scratch, remove all rules and disable UFW:
ufw reset