Managing firewall rules across different operating systems is tedious and error-prone. Each platform has its own syntax, its own tools, and its own quirks. UAML's Firewall Management wizard unifies all of this into a single, intuitive interface that works the same whether you're securing a Linux server, a Windows workstation, or a macOS laptop.
The wizard detects your operating system automatically and presents you with the appropriate options. No need to remember whether it's ufw allow 443 or netsh advfirewall firewall add rule — UAML translates your intent into the correct commands for your platform.
Automatic OS Detection
🔍 Smart Platform Recognition
UAML detects your host OS at startup and selects the appropriate firewall backend automatically. Linux systems use UFW or iptables (with nftables support), Windows uses the Windows Firewall with Advanced Security API, and macOS uses the pf packet filter. You configure rules once — UAML handles the translation.
The detection goes beyond just identifying the OS. UAML checks which firewall tools are available, whether they're currently active, and what rules are already in place. This means you get a complete picture of your current security posture before making any changes.
Visual Rule Builder
🎨 No CLI Required
Build firewall rules visually through the Web UI. Select protocols, ports, and directions from dropdown menus. Define source and destination ranges with auto-complete. Group rules into named profiles like "UAML Agent" or "Development" for easy management.
The visual builder includes intelligent defaults based on your UAML agent configuration. If your agent uses the local API on port 8780, the wizard automatically suggests allowing that port on localhost while blocking external access. If your agent doesn't need network access at all, the wizard suggests a deny-all profile.
Rules are organized into logical groups, making it easy to enable or disable entire feature sets at once. Need to temporarily open ports for debugging? Toggle the "Debug" group on, do your work, toggle it off. No hunting through rule lists.
Preview Before Execution
👁️ See Before You Apply
Every rule change shows you a preview of the exact commands that will be executed on your system. You see the diff between current and proposed state. Nothing runs until you explicitly confirm. Dangerous changes (like blocking SSH on a remote server) trigger additional warnings.
The preview system is designed to prevent lockouts. If you're connected via SSH and attempt to create a rule that would block your SSH connection, UAML warns you with a clear, unmissable alert. It also suggests adding a safety rule to keep your SSH session alive, or offers to set a timeout that auto-reverts the change if you lose connectivity.
Auto-Generated Rules
UAML analyzes your agent configuration and generates a minimal set of firewall rules that allow exactly what your agent needs — nothing more. The principle of least privilege is enforced automatically. As your agent configuration changes, the wizard suggests rule updates to keep your firewall in sync.
For enterprise deployments, rules can be templated and distributed across your fleet. Define a base security profile once, then apply it to all agent hosts with a single action. Host-specific overrides are supported for edge cases, but the base profile ensures consistent security across your organization.
Why It Matters
- Cross-platform — one interface for UFW, iptables, Windows Firewall, and macOS pf
- Safe by default — preview and confirmation prevent accidental lockouts
- Minimal attack surface — auto-generated rules follow the principle of least privilege
- No CLI knowledge needed — visual wizard handles the syntax for you
- Auditable — every rule change is logged with timestamp and reason