ufw
Updated: February 11, 2024
The Uncomplicated Firewall (ufw) is a frontend for iptables that manages netfilter rules.
Base Actions
sudo ufw logging on # default level is low; levels are [off, low, medium, high, full]
sudo ufw disable # unloads firewall and does not start on boot
sudo ufw enable # enables the firewall and starts it on boot
sudo ufw status verbose # includes default outgoing, incoming, route info with verbose
sudo ufw reload # perform after changing any rules
sudo ufw reset # disables and resets firewall to installation defaults
sudo ufw show <report> # [raw, builtins, before-rules, user-rules, logging-rules, listening, added]
Syntax
Simple:
sudo ufw allow 53
sudo ufw allow 25/tcp
Full:
sudo ufw deny proto tcp to any port 80
sudo ufw deny from 10.0.0.0/8 to 192.168.0.1 port 25
sudo ufw allow from 192.168.1.0/24 # allow network to this host
Comment:
sudo ufw reject 23 comment 'telnet is not secure'
sudo ufw allow 443 comment '' # removes comment
Numbered Rules
sudo ufw insert 3 allow 80 # insert rule as number 3
sudo ufw prepend deny 23 # add a rule before all other rules
sudo ufw status numbered # see list of numbered rules
Allow Rules
sudo ufw allow ssh/tcp
sudo ufw allow 80
Deny Rules
sudo ufw deny http # drops requests silently
sudo ufw reject http # drops requests and tells the sender the traffic was denied
Removing Rules
sudo ufw delete allow 80/tcp
sudo ufw delete 3 # delete rule 3
Rate Limiting
sudo ufw limit ssh/tcp # protects against brute force by denying an IP that makes 6 or more connection attempts within 30 seconds
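As an added example (not part of this cheat sheet), a small Python audit pass over the output of `sudo ufw status numbered` covering the numbered-rules listing and the rate-limiting point above: it parses each numbered rule, flags SSH rules that are ALLOW rather than LIMIT, and lists rules that carry no comment. The sample output is constructed, not captured from a real host.

```python
import re
from typing import List, NamedTuple, Tuple

# Constructed sample of `sudo ufw status numbered` output (not from a real host).
SAMPLE_STATUS = """\
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere                   # web
[ 3] 25                         DENY IN     10.0.0.0/8
[ 4] 23                         REJECT IN   Anywhere                   # telnet is not secure
[ 5] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
"""

class Rule(NamedTuple):
    number: int
    to: str        # destination port/service, may carry a "(v6)" suffix
    action: str    # ALLOW, DENY, REJECT or LIMIT
    direction: str # IN, OUT or FWD
    src: str       # source, e.g. "Anywhere" or "10.0.0.0/8"
    comment: str   # text after '#', empty if none

# One numbered rule line: "[ n] <to>  <ACTION> <DIR>  <from>   # comment"
RULE_RE = re.compile(
    r"^\[\s*(?P<num>\d+)\]\s+"
    r"(?P<to>.+?)\s{2,}"
    r"(?P<action>ALLOW|DENY|REJECT|LIMIT)\s+(?P<dir>IN|OUT|FWD)\s+"
    r"(?P<src>.+?)(?:\s+#\s*(?P<comment>.*))?\s*$"
)

def parse_status(text: str) -> List[Rule]:
    """Return the numbered rules found in `ufw status numbered` output."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line)
        if m:
            rules.append(Rule(int(m["num"]), m["to"].strip(), m["action"], m["dir"],
                              m["src"].strip(), (m["comment"] or "").strip()))
    return rules

def audit(rules: List[Rule]) -> List[Tuple[int, str, str]]:
    """Return (rule number, finding code, message) for each issue found."""
    findings = []
    for r in rules:
        port = r.to.split()[0]  # drop the "(v6)" suffix if present
        if port in ("22", "22/tcp", "ssh", "ssh/tcp") and r.action == "ALLOW" and r.src.startswith("Anywhere"):
            findings.append((r.number, "ssh-unlimited",
                             "SSH allowed from %s without LIMIT; use `sudo ufw limit ssh/tcp`" % r.src))
        if not r.comment:
            findings.append((r.number, "no-comment", "rule has no comment explaining why it exists"))
    return findings
```

Pipe the real listing in with `sudo ufw status numbered | python3 audit.py` after adding a `sys.stdin.read()` call, or call `audit(parse_status(text))` directly as the test does.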
Direction (default is all directions on all interfaces)
sudo ufw allow in on eth0 to any port 80 proto tcp