Enable or disable the firewall:
ufw enable
ufw disable
Allow all incoming HTTP traffic and reject telnet globally (normally 'deny' is used but 'reject' will explicitly reject a connection):
ufw allow in http
ufw reject telnet comment 'telnet is not encrypted'
Allow incoming ssh from certain hosts, IPv4 or IPv6:
ufw allow in from 10.254.254.0/24 to any port 22
ufw allow in from 2001:db8::/32 to any port 22
Enable rate limiting for ssh, preventing more than 6 access attempts for an IP address for 30 seconds.
ufw limit ssh
Special case for only TCP traffic, or only IPv6.
ufw allow in http/tcp
ufw allow in http/tcp proto ipv6
Example:
ufw allow in from 10.254.254.0/24 to any port 22 comment 'internal network/ssh'