Check the Firewall Status in Ubuntu

Ubuntu comes pre-installed with UFW (uncomplicated firewall) and you can use the given command to check the firewall status:

sudo ufw status

And if you get a similar output, it means your firewall is not enabled, which can be enabled using the given command:

sudo ufw enable

Now, the status will be changed to active and will show firewall rules you have defined in the past:

There are other ways to filter and get output for your specific use case. And if you want to know them, here you have it.

Get more detailed Firewall status

If the standard output is not enough for you, you can append verbose with this command and you will get a more detailed firewall status:

sudo ufw status verbose

Seems too complex? let me break it down for you.

• Logging: on indicates that users can read iptables and information related to packet transfers. UFW supports five logging levels, including off, low, medium, high and full, and you get low level by default.
• Default: deny (incoming), allow (outgoing), deny (routed): It means, on the default setting, all the incoming is denied and outgoing is allowed. But there are some exceptions (to deny all) which can be found using sudo ufw show raw.
• New profiles: skip: Indicates that the firewall is using default rules.

Filter allowed and denied services

To filter output, I will be using the grep command to filter specific results.

So if you want to list only the services that are allowed to pass through the firewall, use the following command:

sudo ufw status | grep -i allow

In the same manner, you can filter the denied rules using grep -i deny with the ufw status command:

sudo ufw status | grep -i deny

Wrapping Up

This guide was about checking the UFW firewall status in Ubuntu command line. If you no longer want to use UFW, we have a detailed guide on how to turn off UFW in Ubuntu.

And if you have any queries or have any other way to check the firewall status, let me know in the comments.