Ufw (Uncomplicated Firewall) is program for managing a netfilter firewall.
It provides a command line interface and aims to be uncomplicated and easy
to use. It is not intended to provide a complete firewall functionality via
its command interface, but provides an easy way to add or remove simple rules.
To run ufw at boot you can add the following code to rc.local file:
if [ -x /etc/init.d/ufw ]; then
/etc/init.d/ufw start
fi
Rules can be added with ports, services or application names. To specify an
application you need a profile stored under /etc/ufw/applications.d directory.
To add a profile create a app_name.INI file as the following:
[Samba]
title=File/printer server for Unix
description=Samba is a collection of programs that implements the SMB/CIFS protocol for unix systems.
ports=137,138/udp|139,445/tcp
Then, for example you can run:
ufw allow from xx.xx.xx.xx app samba