Linux Firewall Rule Generator — v3

Generate UFW, iptables (+ipset), or nftables scripts with country-blocking, IPv6, and profile import/export — all client-side.

Legal Disclaimer: This tool is for educational and informational use only. Generated scripts may alter network access or lock you out of your systems. Always review and test outputs in a safe environment. The author and host accept no liability for damage, data loss, or misuse. Do not run generated scripts without understanding them.
General
Services / Ports
Pick services you want to allow (TCP unless noted)
Admin / IP
Exempt an admin IP so you don't lock yourself out
Country Blocking
Select countries to block. Country blocking uses ipset for iptables; nftables uses native sets. If running UFW, country-blocking will be skipped (UFW doesn't natively support ipset).
IPv6 lists may not be available for all providers; generator will skip those gracefully.
Profile
Profiles save: firewall type, role, services, countries, ip mode.