How to make firewall run before login?

Who, Precious? Who! We must knows!

Sneaky little hobbitses! Wicked, tricksy, false! :stuck_out_tongue_closed_eyes:

1 Like

All this warm and fuzzy sentiment and nobody has bothered to mark the solution. Letā€™s pass the blame to @linux-aarhus for solving this one. :+1:

For starters that member never actually ask about that, if they did they didnā€™t phrase it well enough. Secondly thatā€™s irrelevant, I asked for how to autorun it before login, not how to configure the specifics which are better left to after I have it autorunning.

Edit: I now see where he asked that, still irrelevant until I actually asked about how to configure it. systemd will certainly not care what the name of the program to boot is so long as it exists.

You speak as if everyone wants to deal with CLIs 24/7, no thank Iā€™d rather a GUI deal with the details for me. The solution given above did the job, now that itā€™s automatically running what firewall Iā€™m using (firewalld is the one set for autorun before login) becomes relevant since the port blockage of udp 631 was not retained across sessions. I will have a look through the docs linked earlier again to see if thereā€™s something I can use to provide arguments to firewalld but beyond that Iā€™ll be waiting for any responses that could help me faster than the docs

Edit: Firewalld - ArchWiki mentioned firewall-config was supposed to be the GUI for configuring the rules of firewalld so gave the other UI present in my start menu a try. Not a fan of that UI by any means but Iā€™ll see by 2mw at the latest if that did the job.

The solution is supposed to be marked by me when I confirm it worked, I clicked it just a few moments ago but because it was green to begin with Iā€™m now confused itā€™s actually marked as the solution or not. Should never be arbitrarily marked by another as the solution without confirmation it did the job it was supposed to.

Edit: edit was applied to wrong post, shifted to correct post

Your question How to make firewall run before login has been answered.

There is no other ways to ensure firewalld is active than to execute

sudo systemctl enable --now firewalld

If you sync the package python-pyqt6 you will get an additional taskbar icon.

The firewall-config application only works when the service is running.

If you are looking for a GUI to manage systemd service - perhaps syncing systemdgenie will provide just that.

Did you even read my posts or did you just overreact to a change made due to a change you probably made that left me with confusing result when I tried to mark the solution? Assuming the solution is not marked a solution as I intended then I will mark it once you point out the current state recorded is not as intended.

I have no idea what you are saying - completely confused :confused:

I did read - but why would you want the UI to load before you login?

When I went to mark the solution the colour was already green, which I would expect if I had marked the solution as so but I hadnā€™t so I assumed my expectation was wrong and clicked it to mark it as the solution. Judging by your post however it seems you marked it for me without confirming if it gave me the result I was expecting or not, which is absolutely the wrong thing to do because it obviously had the opposite effect when I went to actually mark it as the solution. If you did mark it as a solution before hand then at least add an admin edit to say that you marked it so that the user is not confused like I was.

Edit: where did I say I want the UI to load before login? I said I wanted the firewall to load before login. Any sane person would treat the term firewall as a catch all term for a firewall that runs in the background, not an actual program name.

I have not marked anything as a solution - how did you reach that conclusion?

You missed the If part when reading my response. Since you didnā€™t then the solution should be marked as a solution as I intended unless some other admin marked it before me and failed to leave any post or edit to say they did.

Unless I am the most ignorant idiot here

OK - at login then ā€¦ but your topic title - and the content of your OP - indicates

  1. how to ensure the service is actually enabled and running
  2. you wanted some kind of visual to let you know the firewall is indeed active upon login

That is what the optional dependency python-pyqt6 makes possible.

My deepest and most humble apologies for not understanding all the off topic chatter after my initial comment

sudo systemctl enable --now firewalld

No, I wasnā€™t looking for a visual confirmation - that would be given from the UIā€™s reaction. I just needed it to be active prior to the UI and since itā€™s a firewall I would expect it to need root permissions to do itā€™s job properly. In which case having it load after login seems like a bad idea, instead having it load before login seems the best way to achieve both root permissions and a constantly active firewall.

Edit: anyways if the UI I used did make the rule last beyond logout/shutdown then Iā€™ll make a post with a screenshot of the UI and request the thread be locked at that time. The latest said post will come is 2mw morning as every night I shutdown my laptop anyways.

I marked the solution, as it appeared you had trotted away completely forgetting to do it yourself. This happens more times than you might imagine.

Starting the firewalld service during boot is indeed the (most recognised) solution to your issue.

sudo systemctl enable --now firewalld

There are few competant Linux users who would dispute that.

And now that you have confirmed this for your own peace of mind, and noted it accordingly, I have marked the relevant post as the solution, as you have again trotted away leaving it unattended.

What? Oh, yes, youā€™re welcome.

Yes, the tick should be green to indicate the solution has been marked. Clicking the button can often take a few moments to resister. Sometimes refreshing the page will help.

I already explained my reasons for marking the solution, and there was nothing arbitrary about my choice ā€“ the solution was obvious.

I can answer that, with your own words:

I donā€™t believe that is the case.

In a later post from you also stated:

That would seem to confirm that the noted solution not only worked, but was also acknowledged as working by you.

Your issue is solved. Dude, take the win.

Cheers.


Let me address this also:

The success or failure of any firewall rules you might add has absolutely no bearing on the topic as defined by you:

How to make firewall run before login?

Again, that question ā€“ and therefore the premise of this support thread ā€“ has been answered with the command given by @linux-aarhus.

As to if/when this thread will be closed (locked); thatā€™s usually at the discretion of @moderators.

Iā€™m glad your issue is solved. Cheers.

1 Like

Then you shouldā€™ve also added an ā€œAdmin Edit:ā€ or similar to my post so that it could be made clear to me when I went to mark it that it had already been done so. That said I hadnā€™t yet confirmed the solution had worked for me, only that systemd had accepted the command without issue. That does not confirm that the firewall indeed started booting with linux prior to logging into my account.

What part of Iā€™ll see by 2mw indicated I had trotted away completely?

No I didnā€™t as you can see from all the posts and from this statement I made:

Again, wait for CONFIRMATION. What if somehow that had not solved my issue? Then the post wouldā€™ve been incorrectly marked as solution and confused feature readers. Shouldā€™ve just let the topic close normally and then marked it with [unresolved] or [unconfirmed resolution] or similar at the front of the title. To avoid confusing future readers.

You didnā€™t read them properly, I said at login for the UI, not before login as I said for the firewall itself.

That doesnā€™t change that role of marking the solution was for me to do, not you. As I mentioned above you should at most wait for the thread to timeout then add something to the front of the title to mark it unresolved or to the expected solution to mark it as a probable solution. That wouldā€™ve been much less confusing and I wouldnā€™t have unknowingly unmarked the solution that I had intended to mark as the solution.

Incidentally this did appear to resolve the ā€œkeeping the rule across loginsā€ issue I mentioned later in the thread. I see no reason for more responses so admin feel free to lock the thread unless you see potential for another response of some kind.

Would you (or anyone else) care to tell me, what 2mw as an indication of time means?
I have never seen this before.
Thanks!

1 Like

short for tomorrow, just converts the ā€œtoā€ part to 2 and keeps the 2 most prominent sound letters that hear during the word

Thanks.
I would not have guessed this in a million years.

1 Like

Outa curiosity, what would you have guessed given the context I used it in?