CDIST-TYPE__UFW_RULE(7) cdist CDIST-TYPE__UFW_RULE(7)

NAME
       cdist-type__ufw_rule - A single UFW rule

DESCRIPTION
       Adds or removes a single UFW rule. This type supports adding and
       deleting rules for port ranges or applications.

       Understanding what is "to" and what is "from" can be confusing. If the
       rule is ingress (default), then "from" is the remote machine and "to"
       is the local one. The opposite is true for egress traffic (--out).

OPTIONAL PARAMETERS
       state  Either "present" or "absent". Defaults to "present". If
              "absent", only removes rules that exactly match the rule
              expected.

       rule   A firewall rule in UFW syntax. This is what you would usually
              write after ufw on the command line. Defaults to "allow"
              followed by the object ID. You can use either the short syntax
              (just allow|deny|reject|limit followed by a port or application
              name) or the full syntax. Do not include delete in your command.
              Set --state absent instead.

EXAMPLES
       # open port 80 (ufw allow 80)
       __ufw_rule 80
       # Allow mosh application (if installed)
       __ufw_rule mosh
       # Allow all traffic from local network (ufw allow from 10.0.0.0/24)
       __ufw_rule local --rule 'allow from 10.0.0.0/24'
       # Block egress traffic from port 25 to 111.55.55.55 on interface eth0
       __ufw_rule block_smtp --rule 'deny out on eth0 from any port 25 to 111.55.55.55'
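
       Added example, not part of cdist: a POSIX sh guard for use in a
       manifest that rejects "delete" inside a rule string and reports which
       side "from" and "to" refer to, as described above. The helper names
       describe_ufw_rule and guarded_ufw_rule are hypothetical, and treating
       any rule that contains the word "out" as egress is an assumption.

```shell
# Added example, not cdist code. Helper names are hypothetical.

# Print the traffic direction and which machine "from" and "to" refer to.
# Fails if the rule contains "delete", which the type does not accept.
describe_ufw_rule() {
    rule=$1
    direction=ingress from_side=remote to_side=local
    set -f                      # split on whitespace without globbing
    for word in $rule; do
        case $word in
            delete)
                set +f
                echo "rule '$rule': drop 'delete', use --state absent" >&2
                return 1 ;;
            out)                # assumption: the word "out" marks egress
                direction=egress from_side=local to_side=remote ;;
        esac
    done
    set +f
    printf '%s from=%s to=%s\n' "$direction" "$from_side" "$to_side"
}

# Validate the rule, log its interpretation to stderr, then declare the object.
# Usage: guarded_ufw_rule OBJECT_ID 'RULE' [present|absent]
guarded_ufw_rule() {
    roles=$(describe_ufw_rule "$2") || return 1
    echo "__ufw_rule $1: $roles" >&2
    __ufw_rule "$1" --rule "$2" --state "${3:-present}"
}
```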

SEE ALSO
       ufw(8)

AUTHORS
       Mark Polyakov <mark@markasoftware.com>

COPYING
       Copyright (C) 2019 Mark Polyakov. You can redistribute it and/or modify
       it under the terms of the GNU General Public License as published by
       the Free Software Foundation, either version 3 of the License, or (at
       your option) any later version.

COPYRIGHT
       ungleich GmbH 2021

7.0.0 Jul 31, 2022 CDIST-TYPE__UFW_RULE(7)