🧱

Firewall Rule Generator

Generate secure firewall rules for iptables and UFW. Pre-configured templates for common security scenarios with customizable settings.

Generated Rules

#!/bin/bash
# Generated by Mamba Host Firewall Rule Generator
# Save this script and run with: sudo bash firewall-rules.sh

# Reset UFW to default
ufw --force reset

# Set default policies (UFW accepts allow, deny or reject; "drop" is not a valid keyword)
ufw default deny incoming
ufw default allow outgoing

# Allow SSH on port 22
ufw allow 22/tcp comment 'SSH'

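# Allow inbound DNS on port 53 (TCP and UDP)
# Only needed if this host answers DNS queries; outbound lookups are already
# covered by the "allow outgoing" default above
ufw allow 53 comment 'DNS'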

# Enable UFW
ufw --force enable

# Show status
ufw status verbose

echo "Firewall rules applied successfully!"

Features

Multiple Templates

Pre-configured templates for web servers, databases, SSH hardening, and Docker environments

Highly Customizable

Configure ports, services, default policies, and add custom rules for your specific needs

Both UFW & iptables

Generate rules for both UFW (Ubuntu/Debian) and iptables (all Linux distributions)

How to Use Your Firewall Rules

🛡️ UFW (Ubuntu/Debian)

  1. Download the generated script
  2. Make it executable: chmod +x firewall-rules-ufw.sh
  3. Run with sudo: sudo bash firewall-rules-ufw.sh
  4. Check status: sudo ufw status verbose

🔧 iptables (All Linux)

  1. Download the generated script
  2. Make it executable: chmod +x firewall-rules-iptables.sh
  3. Run with sudo: sudo bash firewall-rules-iptables.sh
  4. Install persistence (Ubuntu/Debian): sudo apt-get install iptables-persistent
  5. Save rules: sudo netfilter-persistent save

Security Best Practices

1. Test Before Deploying

Always test firewall rules on a non-production system first to avoid locking yourself out.

2. Keep SSH Access Open

Ensure SSH is allowed before applying rules, or you may lose access to your server.

3. Use Non-Standard Ports

Consider changing the default SSH port (22) to a non-standard port to reduce automated attacks.

4. Enable Logging

Enable firewall logging to monitor blocked connection attempts and troubleshoot issues.

5. Default Deny Policy

Use DROP or REJECT (deny or reject in UFW) as the default policy and explicitly allow only the required services.

6. Regular Reviews

Regularly review and update firewall rules as your infrastructure changes.

7. Rate Limiting

Consider adding rate limiting rules for SSH and other sensitive services to prevent brute force attacks.
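
A pre-flight check for the SSH access, logging, default deny and rate limiting practices above, as an added example that is not part of the generator or its output: `preflight_ufw` (a hypothetical helper name) reads a UFW script on stdin and reports `ufw enable` running before an SSH rule, a default incoming policy that is not deny or reject, and missing logging or rate limiting. The sample scripts are constructed, and the check assumes SSH rules are written as a port or port/tcp.

```shell
#!/bin/sh
# Added example: pre-flight lint for a generated UFW script (not the generator's code).
# Usage: preflight_ufw [SSH_PORT] < script.sh   (preflight_ufw is a hypothetical helper)
# Prints FAIL/WARN findings; exit status is 1 when any FAIL is found.
preflight_ufw() (
    port=${1:-22}; policy=; ssh=0; limited=0; logging=0; rc=0
    set -f                                  # no globbing while splitting lines
    while IFS= read -r line || [ -n "$line" ]; do
        set -- ${line%%#*}                  # strip comment, split into words
        [ "${1:-}" = "ufw" ] || continue
        shift
        if [ "${1:-}" = "--force" ]; then shift; fi
        case "${1:-} ${2:-}" in
            "default "*) case "${3:-incoming}" in incoming) policy=$2 ;; esac ;;
            "allow $port"|"allow $port/tcp") ssh=1 ;;
            "limit $port"|"limit $port/tcp") ssh=1; limited=1 ;;
            "logging off") ;;
            "logging "?*) logging=1 ;;
            "enable "*)   # rules must already admit SSH when the firewall comes up
                [ "$ssh" -eq 1 ] || { echo "FAIL: 'ufw enable' runs before SSH (port $port) is allowed"; rc=1; } ;;
        esac
    done
    case "$policy" in
        deny|reject) ;;
        "") echo "WARN: no explicit default policy for incoming traffic" ;;
        allow) echo "FAIL: default incoming policy is 'allow'"; rc=1 ;;
        *) echo "FAIL: '$policy' is not a UFW policy keyword (allow, deny, reject)"; rc=1 ;;
    esac
    [ "$ssh" -eq 0 ] || [ "$limited" -eq 1 ] || echo "WARN: SSH allowed without 'ufw limit'"
    [ "$logging" -eq 1 ] || echo "WARN: logging is never turned on ('ufw logging on')"
    exit "$rc"
)

# Constructed sample inputs (not output captured from the generator).
sample_risky() { cat <<'EOF'
ufw --force reset
ufw default allow incoming
ufw --force enable
ufw allow 22/tcp comment 'SSH'
EOF
}
sample_hardened() { cat <<'EOF'
ufw default deny incoming
ufw limit 2222/tcp comment 'SSH'
ufw logging on
ufw --force enable
EOF
}
sample_risky | preflight_ufw 22 || echo "risky sample rejected"
```

Pass the SSH port the server actually listens on: the hardened sample passes for port 2222 but fails for the default 22, which is the lockout that moving SSH to a non-standard port can cause.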

Template Explanations

🛡️

Basic

Minimal security setup with SSH access, DNS resolution, and ping enabled. Good starting point for most servers.

🌐

Web Server

Configured for hosting websites with HTTP, HTTPS, and SSH access. Includes logging for security monitoring.

🔒

SSH Hardening

Enhanced security with non-standard SSH port, ping disabled, and aggressive logging. Best for security-critical servers.

💾

Database

Allows MySQL and PostgreSQL access along with SSH. Configured for database server hosting.

🐳

Docker

Optimized for Docker environments with container networking support. Includes web services for containerized apps.

⚙️

Custom

Blank template to build your own firewall configuration from scratch with full control over all settings.