Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?


Failed to load latest commit information.
Latest commit message
Commit time

ufw Frontends Main Window Firewall Rule

Currently, UFW provides only a command-line interface (CLI) for user interaction--the ufw command. This project implements graphical frontends for UFW using PyGTK.


Version 0.3.2 Released! (April 6, 2012)

Fixed bugs:

  • Issue #18 (on Google Code)
  • Issue 19 (on Google Code)
  • Issue 20 (on Google Code)

Version 0.3.1 Released! (September 11, 2011)

Fixed bugs:

  • Issue 16 (on Google Code)
  • Issue 17 (on Google Code)

Version 0.3.0 Released! (September 6, 2011)


  • This will probably be the last feature release of ufw-frontends in its current form. I'm planning a major reorganization of its code using pygtkmvc.
  • Code is now hosted at GitHub.

New Features:

  • View ufw log entries from within ufw-frontends (Events tab).

    The entries in the Events tab are parsed directly from the ufw log. New events are shown as soon as they appear in the ufw log. This feature requires Pyinotify.

  • Create rules based on the list of events in the event log.

    You can use this feature to allow blocked connections.

  • Add support for more IPT modules specifically:

    • nf_conntrack_ftp and nf_nat_ftp (for FTP)
    • nf_conntrack_irc and nf_nat_irc (for IRC)
    • nf_conntrack_sane (for saned)

Fixed bugs:

  • Issue 15 (on Google Code)


  • Feature parity with the CLI frontend (add/delete rules, enable/disable firewall, show reports, etc.)
  • Supports editing and reordering of existing rules
  • Ability to enable/disable IPv6 support
  • Import/export of rules 1
  • Intuitive and straightforward PyGTK interface

1 NOTE: Exported rules are simply shell scripts containing a series of ufw commands, nothing fancy. This approach is advantageous because you can execute the scripts directly.

What about Gufw?

Short answer: Gufw is flawed by design.

This is because it was designed and implemented as a frontend for the CLI, which is a frontend itself. That is, it was designed and implemented as wrapper for a wrapper.

UFW was designed with extensibility in mind. Moreover, it already provides code and interfaces that can be readily extended for creating additional frontends (not just wrappers around the ufw command).

ufw-frontends uses the UFW Python modules directly, thus preventing code duplication, unnecessary code, and an additional layer of execution (ufw-frontends -> iptables vs. Gufw -> CLI -> iptables). This also makes ufw-frontends faster, since it does not call the ufw command for every operation, and more powerful, since it has direct access to the UFW internals. In other words, it does more with less (code).

ufw-frontends vs. Gufw at a glance

  ufw-gtk 0.3.2 Gufw 12.04.1
Toolkits PyGTK GTK+ 3 (via GIR)
Code Size 42.0 KiB 61.7 KiB
Translations Partial (via ufw) Yes
Edit Rules Yes No
Reorder Rules Yes No (LP #605380)
Import/Export Rules Yes No (LP #486285)
App Profiles Support Yes No (LP #963871)
Reports Yes No
Additional IPT Modules Yes (pre-configured) No