Firewall rule prompt generator
A firewall rule prompt generator builds a careful, fill-in request you can give an AI assistant so it writes firewall rules that lock the box down without locking you out. Pick the tool — ufw, iptables, firewalld, or an AWS security group — and describe what to allow or deny, and it produces a prompt that asks for a default-deny policy, the exact rules in order, management ports restricted to specific source IPs, a comment on every rule, instructions to verify and persist the configuration, and a warning about anything that could cut off your own access. Sysadmins use it to secure a server and avoid the classic mistake of opening SSH to the whole internet. It runs in your browser and generates instantly. Edit the goal and pick the tool, then paste the prompt into your assistant before touching a production box.
Detailed instructions
- Pick your firewall tool.
- Describe what to allow or deny.
- Click Generate to build the prompt.
- Paste it into your AI assistant and test on a non-critical host first.
Use Cases
- Getting safe firewall rules from an AI assistant
- Locking SSH to specific source IPs instead of the world
- Setting a default-deny inbound policy correctly
- Writing rules for ufw, iptables, firewalld, or AWS
- Standardising how a team requests firewall changes
Tips
- Allow your own IP before tightening SSH to avoid lockout.
- Default to deny inbound and open only what you need.
- Keep a console or out-of-band session open while applying rules.
- Persist rules so they survive a reboot once verified.
FAQ
Why default to deny inbound?
A default-deny inbound policy means only the traffic you explicitly allow gets through, which is the safe baseline. Default-allow leaves every unlisted port open, so a forgotten service becomes an attack surface you never noticed.
Why restrict SSH to specific IPs?
Exposing SSH to 0.0.0.0/0 invites constant brute-force attempts. Limiting the management port to your office or VPN IP range removes that entire class of attack, and the prompt makes this a requirement rather than an option.
How do I avoid locking myself out?
The prompt asks the assistant to warn about rules that could cut your access and to keep changes reversible. In practice, test on a console session, allow your own IP first, and use a timed rollback so a mistake undoes itself.
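One way to check the rules an assistant returns against the baseline this FAQ describes, as an added example that is not the tool's own code: it lints an `iptables-save` dump for a default-deny INPUT policy, a comment on every rule, and a management port accepted from any source. The sample ruleset, the `audit` function name and the assumption that SSH listens on port 22 are constructed for illustration.

```python
import ipaddress
import shlex

MGMT_PORTS = {"22"}  # assumption: SSH listens on its default port

# Constructed iptables-save output for illustration (not from the page).
SAMPLE = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -m comment --comment loopback -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m comment --comment ssh -j ACCEPT
-A INPUT -s 203.0.113.0/24 -p tcp -m tcp --dport 443 -m comment --comment "https from office" -j ACCEPT
COMMIT
"""


def audit(ruleset, mgmt_ports=MGMT_PORTS):
    """Return findings for the INPUT chain of an iptables-save dump."""
    findings = []
    for n, line in enumerate(ruleset.splitlines(), 1):
        if line.startswith(":INPUT "):
            policy = line.split()[1]
            if policy != "DROP":
                findings.append(f"line {n}: INPUT policy is {policy}, not DROP")
        if not line.startswith("-A INPUT "):
            continue
        tok = shlex.split(line)
        # Map each option to the token after it; "!" negation and port
        # ranges (a:b) are not interpreted in this simplified parser.
        opts = {t: tok[i + 1] for i, t in enumerate(tok[:-1]) if t.startswith("-")}
        if "--comment" not in opts:
            findings.append(f"line {n}: rule has no comment")
        if opts.get("-j") != "ACCEPT":
            continue
        ports = set(opts.get("--dport", "").split(","))
        ports |= set(opts.get("--dports", "").split(","))
        # A rule with no -s matches every source address.
        src = ipaddress.ip_network(opts.get("-s", "0.0.0.0/0"), strict=False)
        if ports & set(mgmt_ports) and src.prefixlen == 0:
            findings.append(f"line {n}: management port open to {src}")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Run it on the output of `iptables-save` from a test host before applying the same rules anywhere you cannot reach by console.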