Firewall Rule Generator — v4.1.1

Generate Linux, macOS, and Windows firewall scripts. Everything runs client side.

Legal Disclaimer: This tool is for educational and informational use only. Generated scripts may alter network access or lock you out of your systems. Always review and test outputs in a safe environment. The author and host accept no liability for damage, data loss, or misuse. Do not run generated scripts without understanding them.
Use the blue buttons or the dropdown below.
Platform
Generating Linux scripts. Switch to macOS or Windows for their native outputs.
General
Services / Ports
Pick services you want to allow (TCP unless noted)
Admin / IP
Exempt an admin IP so you do not lock yourself out
Country Blocking
Select countries to block. Country blocking uses ipset for iptables and native sets for nftables. UFW will skip this feature.
IPv6 lists may not be available for all providers. The generator will skip gracefully.
Profile
Profiles save OS, engine, firewall type, role, services, countries, IP mode.