UfwRuler is a lightweight terminal-based utility that helps you manage your server's firewall rules using ufw (Uncomplicated Firewall).
It features:
-
A simple terminal UI using
dialog. -
Templates for quickly setting up firewall rules for common server types (SMTP, SFTP, etc.).
-
Default rules to ensure basic server security.
-
A Composer script for easy installation and setup.
UfwRuler/
├── composer.sh # First-time setup script (installs packages, sets permissions)
├── setup.sh # Main interactive script (firewall manager)
├── packages/
│ └── requirements.txt # List of required system packages (e.g., dialog, ufw)
└── templates/
├── smtp-rules.sh # SMTP-specific firewall rules
├── sftp-rules.sh # SFTP-specific firewall rules
└── ...other templates
-
Clone or Download the UfwRuler folder.
-
Move UfwRuler to your server's
/opt/directory.
(recommended for clean system management)sudo mkdir -p /opt/UfwRuler sudo cp -r ./UfwRuler /opt/ cd /opt/UfwRuler -
Run the Composer to install required packages and set up the environment.
chmod +x composer.sh ./composer.sh
-
Follow the prompts to launch UfwRuler!
When you run setup.sh, you will be greeted with a menu:
| Option | Description |
|---|---|
| Set Default UFW Rules | Sets secure defaults (deny incoming, allow outgoing, SSH open) |
| Apply Service Template | Choose a template (e.g., SMTP, SFTP) to auto-apply firewall rules |
| Show UFW Status | View the current status and open ports |
| Enable UFW | Enable the firewall if not already active |
| Disable UFW | Disable the firewall |
| Exit | Exit UfwRuler |
Templates are simple .sh scripts inside the templates/ folder.
Each template defines firewall rules for specific server roles.
Example: smtp-rules.sh
#!/bin/bash
sudo ufw allow 25/tcp
sudo ufw allow 587/tcp
sudo ufw allow 465/tcp
echo "SMTP rules applied."You can easily add your own custom templates!
Just create a new .sh file inside the templates/ folder following the same style.
When you choose Set Default UFW Rules, the following actions are performed:
-
Deny all incoming traffic.
-
Allow all outgoing traffic.
-
Allow incoming SSH (port 22).
This ensures that:
✅ Your server is reachable for management.
✅ Unwanted external connections are blocked by default.
UfwRuler needs:
-
ufw -
dialog
These are automatically installed when you run composer.sh.
-
Want faster access? Add an alias:
echo "alias ufwruler='/opt/UfwRuler/setup.sh'" >> ~/.bashrc source ~/.bashrc
Then you can just type:
ufwruler
-
Always reload UFW after making manual changes:
sudo ufw reload
Q: Can I create my own service templates?
A: Yes! Just create a new .sh file inside templates/, and use sudo ufw allow or sudo ufw deny commands.
Q: What happens if I enable UFW without any rules?
A: UfwRuler always ensures at least SSH (port 22) is open by default, so you don't lock yourself out.
Q: Can I uninstall UfwRuler?
A: Just delete the /opt/UfwRuler/ folder:
sudo rm -rf /opt/UfwRulerIf you added an alias, remove it manually from your .bashrc.