Creating Custom UFW Application Profiles

When setting up a VPS for your pet projects, you often need to allow specific applications through UFW (Uncomplicated Firewall). While UFW comes with some pre-defined application profiles, you might need custom ones for your specific use case.

Custom UFW application profiles can be created by adding new files in /etc/ufw/applications.d/

Step-by-Step Guide

1. Create a new profile file

   sudo nano /etc/ufw/applications.d/myapp
   

2. Add your application definition

   [MyApp]
   title=My Custom Application
   description=Custom ports for my application
   ports=8080,8081/tcp|9090/udp
   

3. Update UFW

   sudo ufw app update MyApp
   

4. Verify the profile

   sudo ufw app info MyApp
   

5. Enable the application

   sudo ufw allow MyApp
   

Remember to reload UFW after adding profiles:

sudo ufw reload

Real Example

Here’s an actual profile I use for a Node.js application with WebSocket support:

[NodeApp]
title=Node.js Full Stack App
description=Node.js application with HTTP and WebSocket ports
ports=3000/tcp|3001/tcp|8080/tcp

Understanding the Profile Format

• [MyApp]: Profile name (used in UFW commands)
• title: Short description
• description: Longer explanation
• ports: Port definitions
  • Use comma (,) to separate multiple ports

  • Use pipe (

    ) to separate TCP and UDP

  • Add /tcp or /udp to specify protocol