Canonical’s ufw lets you configure your firewall without the hassle of the iptables tool, while reducing the risk of misconfiguration and simplifying maintenance.
The netfilter firewall included in the Linux kernel can be comprehensively controlled with the iptables tool. However, iptables’ complexity not only drives some users crazy, it also increases the risk of unintentionally tearing holes in the firewall with incorrect rules or typos.
Canonical offers a remedy with the Uncomplicated Firewall (ufw) . The command-line program accepts clearly structured rules, which it translates into the appropriate iptables calls in the background. This approach also allows you the advantage of supplementing your setup with more complex rules in iptables, if needed.
Originally developed by Canonical for Ubuntu, ufw has been part of the distribution since Ubuntu 8.04. Alternately, you can install it with the ufw package. You can also now find ufw on other distributions.
Use Express-Checkout link below to read the full article (PDF).