Is your ufw active?

Olli · 9 January 2023 20:35

???

it’s always the terrible misery not to forget activating ufw with

sudo systemctl enable ufw
sudo systemctl start ufw

Frenchy · 10 January 2023 06:01

Or just simply using the GUI as well. The choice is there…

Neome · 10 January 2023 16:28

same for me (coming from debian). I realized now that on every bootup it is disabled.

Neome · 10 January 2023 16:30

thank you ion, I’m going to follow your advisory help now and test if ufw is reliably enabled on every bootup hereafter.

TriMoon · 10 January 2023 16:35

My ISP has a double NAT… it first does a NAT from the internet to 10.x.x.x then my ISP’s modem does a NAT from 10.x.x.x to 192.168.x.x…
The x’s doesn’t mean complete network mask, but rather a random IP…

Neither my ISP nor my modem forwards uninitiated connections from outside to me
So they basically are a firewall already when combined this way…

linub · 10 January 2023 16:44

enabling it in the GUI is not enough as it gets disabled upon reboot.
you have to type these 3 commands :

sudo systemctl enable ufw.service
sudo ufw enable
sudo systemctl start ufw.service

TriMoon · 10 January 2023 17:41

I guess that could be shortened to:

systemctl enable --now ufw
sudo ufw enable

Not sure if that 2nd line is really needed though…

linub · 10 January 2023 18:27

it’s a weird command,quit specific to this package,i haven’t seen it in another format elsewhere,
but if i recall correctly i got a response/feedback in the terminal once i executed it.

banjo · 10 January 2023 18:29

Here on xfce, once enabled via GUI or terminal, it stays enabled.

Edit:
Some old (xfce 4.10 or 4.12) commands i have stored.

sudo systemctl enable ufw.service

sudo ufw status

sudo ufw enable

sudo ufw default reject incoming

sudo ufw default allow outgoing

sudo reboot

…these should still be valid.

Hanzel · 10 January 2023 19:04

On Gnome I have the same experience as @linub

TriMoon · 11 January 2023 13:49

Ofcourse you will because you execute the command, but if you use the GUI it should do the same as that command-line.

This first line is to allow it to apply it’s config at boot, which should also include it’s state of enabled/disabled…
(Whether done via command-line or GUI)

tefter · 19 January 2023 04:05

I got ipv6 with my ISP, so firewalls again ;p
Disabled on router, so I need one on Linux box

system · 24 January 2023 18:05

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.