UFW Arguments



Most of this information was acquired from https://www.linux.com/learn/introduction-uncomplicated-firewall-ufw

Having set up a basic firewall (I say basic, but it's also very effective), there might be a need to create some more complex configurations, and some of those are covered here.

Of the available arguments, the ones you’ll use the most with the ufw command are:

  • allow
  • deny
  • reject
  • limit
  • status: displays if the firewall is active or inactive
  • show: displays the current running rules on your firewall
  • reset: disables and resets the firewall to default
  • reload: reloads the current running firewall
  • disable: disables the firewall

If you want to use a fuller syntax, you can then begin to define a source and a destination for a rule. Say, for example, you have an IP address you’ve discovered has been attempting to get into your machine (for whatever reason) through port 25 (SMTP). Let’s say that address is 192.168.2.100 (even though it’s an internal address) and your machine address is 192.168.2.101. To block that address from reaching port 25 on your machine, you could create the rule like so:

      sudo ufw deny from 192.168.2.100 to 192.168.2.101 port 25



Let’s look at the limit option. If you have any reason for concern that someone might be attempting a denial of service attack on your machine via port 80, you can limit connections to that port with UFW, like so:

      sudo ufw limit 80/tcp

By default, the connection will be blocked after six attempts in a 30-second period.
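
A simplified model of that default, added here as an illustration and not taken from ufw or the source article: it replays connection attempts from one source address and marks each as allowed or denied. The function name `limit_decisions` and the timestamps are constructed, and the model assumes denied attempts keep counting toward the 30-second window.

```shell
#!/bin/sh
# Simplified model of `ufw limit` (illustrative, not ufw's own code):
# a new connection is denied when it is the 6th or later attempt from the
# same source address within the last 30 seconds.

LIMIT_HITS=6      # attempts inside the window that trigger a deny
LIMIT_WINDOW=30   # sliding window length in seconds

# limit_decisions T1 T2 ...
#   Arguments: ascending timestamps (seconds) of attempts from ONE address.
#   Prints one "time:ALLOW" or "time:DENY" entry per attempt.
limit_decisions() {
    seen=""
    out=""
    for t in "$@"; do
        seen="$seen $t"            # every attempt is recorded, even denied ones
        count=0
        for s in $seen; do
            # count attempts (including this one) that fall inside the window
            if [ $((t - s)) -lt "$LIMIT_WINDOW" ]; then
                count=$((count + 1))
            fi
        done
        if [ "$count" -ge "$LIMIT_HITS" ]; then
            verdict=DENY
        else
            verdict=ALLOW
        fi
        out="$out$t:$verdict "
    done
    printf '%s\n' "${out% }"
}

# Constructed sample 1: a burst every 2 seconds, then a retry after a pause.
limit_decisions 0 2 4 6 8 10 12 14 60
# Constructed sample 2: a well-behaved client connecting every 10 seconds.
limit_decisions 0 10 20 30 40 50 60
```

The count is kept per source address, so the rule slows down a single noisy client; it does not cap the total number of connections arriving on port 80 from many addresses.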

You might also have a need to allow outgoing traffic on a certain port but deny incoming traffic on the same port. To do this, you would use the directional argument like so. To allow outgoing traffic on port 25 (SMTP), issue the command:

      sudo ufw allow out on eth0 to any port 25 proto tcp



You could then add the next rule to block incoming traffic on the same interface and port:

      sudo ufw deny in on eth0 to any port 25 proto tcp



ufw_arguments.txt · Last modified: 2023/03/09 22:35 by 127.0.0.1