Cybersecurity Triage

List Numbered UFW Rules

You need a compact, ordered UFW rule list that can be discussed or reviewed without editing anything.

Command

ufw status numbered

What changed

Nothing changes. UFW prints the ordered rule list.

Danger

safe

When to use it

Use when reviewing which inbound rules exist before considering a rule delete, insert, or policy change.

When not to use it

Do not delete rules by number from stale output; rule numbers can change after edits.

Undo or recovery

No undo needed because this command is read-only.

Expected output

Numbered UFW rules with destination, action, and source.

demo script

Disposable terminal steps

ufw status numbered
ufw status numbered | awk '/ALLOW|DENY/ {print}'

Terminal transcript Demo JSON

simulated output

What it looks like

disposable vessel

::fixture-ready::
$ ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    203.0.113.0/24
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 443/tcp                    ALLOW IN    Anywhere
[ 4] 25/tcp                     ALLOW IN    Anywhere
[ 5] 5432/tcp                   DENY IN     Anywhere
::exit-code::0
$ ufw status numbered | awk '/ALLOW|DENY/ {print}'
[ 1] 22/tcp                     ALLOW IN    203.0.113.0/24
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] 443/tcp                    ALLOW IN    Anywhere
[ 4] 25/tcp                     ALLOW IN    Anywhere
[ 5] 5432/tcp                   DENY IN     Anywhere
::exit-code::0

YouTube Short

Number firewall rules first.

Before changing UFW, print numbered rules. It gives everyone the same ordered list to review.

experiments

A/B tests to run

Metric: completion_rate

A: Review by rule number.

B: Get the ordered firewall list.