How to List and Delete UFW Firewall Rules

UFW (Uncomplicated Firewall) is a user-friendly frontend for managing Linux firewall (netfilter) rules. It is the default firewall configuration tool for Ubuntu and is also available on other Linux distributions such as Debian.

This guide explains how to list and delete UFW firewall rules using the command line.

Quick Reference

Task                                        Command
----                                        -------
Show firewall status and rules              sudo ufw status
Show status with logging and defaults       sudo ufw status verbose
Show numbered rules                         sudo ufw status numbered
Delete rule by number                       sudo ufw delete NUMBER
Delete rule by number (non-interactive)     sudo ufw --force delete NUMBER
Delete rule by specification                sudo ufw delete allow 80/tcp
Reset firewall and remove all rules         sudo ufw reset

For a printable quick reference, see the UFW cheatsheet.

Prerequisites

The user running UFW commands must be a sudo user.

Listing UFW Rules

To check the status of UFW and list all active rules, run:

Terminal
sudo ufw status

If UFW is disabled, the output looks like this:

output
Status: inactive

If UFW is active, the output prints all active firewall rules:

output
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)

Verbose Output

To display additional information such as logging level, default policies, and new profiles, use status verbose:

Terminal
sudo ufw status verbose
output
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
22/tcp (v6)                ALLOW IN    Anywhere (v6)

Numbered Output

Use status numbered to display the order and ID number of each rule. This is useful when you need to delete a specific rule by its number:

Terminal
sudo ufw status numbered
output
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 443/tcp                    ALLOW IN    Anywhere
[ 4] 8069/tcp                   ALLOW IN    Anywhere

Deleting UFW Rules

There are two ways to delete UFW rules:

  • By rule number: Easier when you have many rules. List the numbered rules and specify which number to delete.
  • By specification: Specify the full rule definition to remove it.

Warning
If you are managing the firewall over SSH, do not remove the rule that allows SSH traffic (port 22 by default). Deleting it will lock you out of the server.

Delete by Rule Number

First, list the rules with their numbers:

Terminal
sudo ufw status numbered
output
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 443/tcp                    ALLOW IN    Anywhere
[ 4] 8069/tcp                   ALLOW IN    Anywhere

To delete rule number 4 (port 8069), run:

Terminal
sudo ufw delete 4

UFW asks for confirmation before deleting:

output
Deleting:
 allow 8069/tcp
Proceed with operation (y|n)? y
Rule deleted

Type y and press Enter to confirm. Each time you remove a rule, the remaining rule numbers shift. Always list the rules again before deleting another one.

If you need a non-interactive deletion (for scripts), use:

Terminal
sudo ufw --force delete 4
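
Because rule numbers shift after every deletion, a script that removes several rules should delete from the highest number down. The following dry-run planner is an added example, not part of the original guide: it parses numbered status output, prints the `--force delete` commands in a safe order, and refuses to plan removal of the SSH rule. The function names and the sample listing with `(v6)` entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: dry-run planner. It prints commands and executes nothing.

# Constructed sample of `ufw status numbered` output, including (v6) rules.
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 443/tcp                    ALLOW IN    Anywhere
[ 4] 8069/tcp                   ALLOW IN    Anywhere
[ 5] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 6] 80/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
}

# rule_numbers TARGET: read numbered status on stdin and print the numbers of
# all rules whose first "To" token equals TARGET exactly (so "80" and "80/tcp"
# are different targets). Highest number first, so that deleting in the
# printed order never renumbers a rule that is still waiting to be deleted.
rule_numbers() {
  awk -F'[][]' -v t="$1" '
    /^\[/ { split($3, f, " "); if (f[1] == t) print $2 + 0 }
  ' | sort -rn
}

# plan_deletes TARGET [PROTECTED]: print one non-interactive delete command
# per matching rule. PROTECTED defaults to the SSH rule, 22/tcp.
plan_deletes() {
  if [ "$1" = "${2:-22/tcp}" ]; then
    echo "refusing to plan deletion of protected rule $1" >&2
    return 1
  fi
  rule_numbers "$1" | while read -r n; do
    echo "ufw --force delete $n"
  done
}

# Demo on the constructed sample: both 80/tcp rules, IPv6 entry first.
sample_status | plan_deletes 80/tcp
```

On a real host, feed the planner from `sudo ufw status numbered` instead of `sample_status`, review the printed commands, and run them with sudo in the order shown.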

Delete by Specification

You can also delete a rule by specifying its full definition. This method does not require listing numbered rules first.

For example, if you previously added a rule to allow port 2222:

Terminal
sudo ufw allow 2222

You can delete it by repeating the rule after ufw delete:

Terminal
sudo ufw delete allow 2222

This also works with more specific rules. To delete a rule that allows TCP traffic on port 80 from a specific subnet:

Terminal
sudo ufw delete allow from 192.168.1.0/24 to any port 80 proto tcp

Reset UFW and Remove All Rules

Resetting UFW disables the firewall and removes all active rules. This is useful when you want to revert all changes and start with a clean configuration:

Terminal
sudo ufw reset

UFW creates backup files of the current rules before resetting. The backup file paths are displayed in the output.

Troubleshooting

ERROR: Could not find a profile matching
The rule you are trying to delete does not match any existing rule. Run sudo ufw status numbered to list the current rules and verify the exact rule syntax.

Rule numbers changed after deletion
UFW renumbers all rules after each deletion. Always run sudo ufw status numbered again before deleting the next rule.

Locked out of SSH after deleting a rule
If you accidentally removed the SSH rule, you need console or out-of-band access to the server. Once connected, re-enable SSH access with sudo ufw allow 22/tcp and then sudo ufw enable.

ufw: command not found
UFW is not installed. Install it with sudo apt install ufw on Ubuntu, Debian, and derivatives, or sudo dnf install ufw on Fedora. RHEL-compatible systems commonly use firewalld; if you choose UFW there, you may need to enable EPEL or another suitable package source first.

FAQ

How do I list only IPv4 or IPv6 rules?
UFW does not have a built-in filter for IP version. You can pipe the output to grep: use sudo ufw status | grep -v '(v6)' to show only IPv4 rules, or sudo ufw status | grep '(v6)' to show only IPv6 rules.

Can I delete multiple rules at once?
No, UFW only deletes one rule at a time. If you need to remove all rules, use sudo ufw reset instead.

What happens to existing connections when I delete a rule?
Deleting a rule removes the firewall entry, but already established connections are not immediately dropped. New connections matching the deleted rule will be blocked.

How do I insert a rule at a specific position?
Use sudo ufw insert NUMBER RULE. For example, sudo ufw insert 1 allow from 10.0.0.0/8 adds the rule at position 1, before all other rules.

What is the difference between ufw disable and ufw reset?
ufw disable turns off the firewall but keeps all rules intact. ufw reset disables the firewall and deletes all rules, restoring the default configuration.

Conclusion

You can list UFW firewall rules with sudo ufw status numbered and delete them by number or by specification. Always verify the numbered rule list before deleting, and take care not to remove your SSH access rule on remote servers.

About the authors

Dejan Panovski

Dejan Panovski is the founder of Linuxize, an RHCSA-certified Linux system administrator and DevOps engineer based in Skopje, Macedonia. Author of 800+ Linux tutorials with 20+ years of experience turning complex Linux tasks into clear, reliable guides.