ufw (Uncomplicated Firewall — Ubuntu)

ufw (Uncomplicated Firewall) est l'interface user-friendly du firewall Linux sur Ubuntu et Debian, conçue pour rendre la configuration accessible aux administrateurs débutants. Wrapper above iptables (ou nftables sur Ubuntu 20.04+).

Commandes essentielles : (1) `ufw status` — current state ; (2) `ufw enable` / `ufw disable` ; (3) `ufw allow ssh` — service par nom ; (4) `ufw allow 80/tcp` — port spécifique ; (5) `ufw allow from 192.168.1.0/24` — source CIDR ; (6) `ufw allow from 192.168.1.0/24 to any port 22` — source + port ; (7) `ufw delete allow 80/tcp` ; (8) `ufw reset` — reset all rules ; (9) `ufw default deny incoming` / `ufw default allow outgoing` — defaults ; (10) `ufw status numbered` — show rules with numbers (for deletion par num) ; (11) `ufw deny from 10.0.0.5` — block specific IP.

Profiles applications : `ufw app list` — predefined profiles (OpenSSH, Nginx Full, Nginx HTTP, Apache, etc.), `ufw allow 'Nginx Full'`. Profiles fichiers dans /etc/ufw/applications.d/.

Features avancées : (1) **Rate limiting** — `ufw limit ssh` — limit SSH connections (max 6 per 30s par IP, brute-force protection) ; (2) **Logging** — `ufw logging on` ; (3) **IPv6 support** ; (4) **Custom rules** — /etc/ufw/before.rules pour iptables/nftables raw si nécessaire.

Vs firewalld : ufw plus simple, less powerful. Both abstractent firewall complexity. Ubuntu desktop / petites VPS : ufw idéal. Enterprise complex : direct iptables/nftables ou firewalld. Compétences LFCS, Security+.