I want to configure ufw to deny everything except related and established connections. With iptables I usually did:
# default policies: drop inbound and forwarded traffic, allow outbound
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
# accept inbound packets that belong to new or already-tracked connections
-A INPUT -m state --state NEW,ESTABLISHED -j ACCEPT
# accept inbound packets related to, or part of, an existing connection
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
I read that the following ufw commands are closely related:
# default policies: deny inbound and forwarded traffic, allow outbound
ufw default deny incoming
ufw default deny forwarding
ufw default allow outgoing
# open individual inbound ports
ufw allow 443/tcp
ufw allow 53/tcp
................
The problem is, with that ufw configuration I'm allowing ALL incoming traffic on those ports. With iptables, only the established connections were allowed.
How could I configure the same rules in ufw?
Best Answer
It looks like you don't need to do anything to allow RELATED/ESTABLISHED connections.
In the version of UFW I'm looking at (0.36 on Ubuntu Core 16.04), the rules that allow RELATED/ESTABLISHED connections are there by default.
Crack open the before.rules file and you'll see the job has been done for you:
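A quick way to verify the claim above on your own box, as an added example that is not part of the original answer or of the ufw project: a shell function that scans an iptables ruleset (for instance /etc/ufw/before.rules, or the output of `iptables -S ufw-before-input` saved to a file) for an ACCEPT rule on a given chain that matches RELATED,ESTABLISHED, accepting both the legacy `-m state --state` syntax used in the question and the newer `-m conntrack --ctstate` syntax. The two rulesets embedded below are constructed for this example and only modelled on the shape of before.rules; the function name and the file names are assumptions.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): check whether an iptables
# ruleset already accepts RELATED,ESTABLISHED traffic on a given chain.
set -u

# has_established_accept FILE CHAIN
# Returns 0 when FILE contains a rule appended to CHAIN (-A CHAIN ...) that
# matches RELATED,ESTABLISHED (either operand order) via `-m state --state`
# or `-m conntrack --ctstate` and jumps to ACCEPT. Comment lines are ignored.
has_established_accept() {
    local file="$1" chain="$2"
    grep -Ev '^[[:space:]]*#' "$file" \
    | grep -E -- "^-A[[:space:]]+${chain}[[:space:]]" \
    | grep -E -- '-m[[:space:]]+(state[[:space:]]+--state|conntrack[[:space:]]+--ctstate)[[:space:]]+(RELATED,ESTABLISHED|ESTABLISHED,RELATED)([[:space:]]|$)' \
    | grep -Eq -- '-j[[:space:]]+ACCEPT([[:space:]]|$)'
}

# Constructed sample ruleset shaped like a ufw before.rules that does carry
# the connection-tracking accept rules (not copied from the ufw project).
SAMPLE_WITH_STATE=$(mktemp)
cat >"$SAMPLE_WITH_STATE" <<'EOF'
*filter
:ufw-before-input - [0:0]
:ufw-before-output - [0:0]
:ufw-before-forward - [0:0]
# quickly process packets for which we already have a connection
-A ufw-before-input -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A ufw-before-output -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A ufw-before-forward -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# drop INVALID packets
-A ufw-before-input -m conntrack --ctstate INVALID -j DROP
COMMIT
EOF

# Constructed sample ruleset that lacks them: only a port rule and a
# commented-out state rule, which must NOT count as a match.
SAMPLE_WITHOUT_STATE=$(mktemp)
cat >"$SAMPLE_WITHOUT_STATE" <<'EOF'
*filter
:ufw-before-input - [0:0]
# -A ufw-before-input -m state --state RELATED,ESTABLISHED -j ACCEPT
-A ufw-before-input -p tcp --dport 443 -j ACCEPT
COMMIT
EOF

# Stand-alone run: report each chain of the first sample.
for chain in ufw-before-input ufw-before-output ufw-before-forward; do
    if has_established_accept "$SAMPLE_WITH_STATE" "$chain"; then
        echo "$chain: RELATED,ESTABLISHED already accepted"
    else
        echo "$chain: no RELATED,ESTABLISHED accept rule found"
    fi
done
```

To run it against a live system, point the function at /etc/ufw/before.rules (the chain names there are ufw-before-input, ufw-before-output and ufw-before-forward), or at a file produced by `iptables -S ufw-before-input`, whose `-A chain ... -j ACCEPT` lines have the same shape.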