memilanuk
July 10th, 2009, 12:59 AM
Hello all,
Taking some first steps with my new Ubuntu 9.04 server. I was fixin' to open up access to http & smb for BackupPC, using ufw.
monte@blackbetty:~$ sudo ufw app list
Available applications:
Apache
Apache Full
Apache Secure
OpenSSH
Postfix
Postfix Submission
Samba
monte@blackbetty:~$
SSH & Samba I expected. Postfix is only there for local mail, so no external access necessary. The 'Apache', 'Apache Full', and 'Apache Secure' got me wondering, though.
Thinking that maybe 'Apache Secure' was a ufw profile for secure (SSL) connections, I ran the following command:
monte@blackbetty:~$ sudo ufw app info Apache Secure
Profile: Apache
Title: Web Server
Description: Apache v2 is the next generation of the omnipresent Apache web
server.
Port:
80/tcp
monte@blackbetty:~$
which seems to indicate that its going to just open up port 80, like a regular web server would use. FWIW, running the 'ufw app info' for the other two profiles returns *exactly* the same information.
man ufw
led me to /etc/ufw/applications.d/, specifically the file 'apache2.2-common' which contained the following:
[Apache]
title=Web Server
description=Apache v2 is the next generation of the omnipresent Apache web server.
ports=80/tcp
[Apache Secure]
title=Web Server (HTTPS)
description=Apache v2 is the next generation of the omnipresent Apache web server.
ports=443/tcp
[Apache Full]
title=Web Server (HTTP,HTTPS)
description=Apache v2 is the next generation of the omnipresent Apache web server.
ports=80,443/tcp
I'm guessing from that there actually *is* some difference between the three profiles... which begs the question, 'Why does the profile reported by ufw not reflect the config file?'
Any ideas?
TIA,
Monte
Taking some first steps with my new Ubuntu 9.04 server. I was fixin' to open up access to http & smb for BackupPC, using ufw.
monte@blackbetty:~$ sudo ufw app list
Available applications:
Apache
Apache Full
Apache Secure
OpenSSH
Postfix
Postfix Submission
Samba
monte@blackbetty:~$
SSH & Samba I expected. Postfix is only there for local mail, so no external access necessary. The 'Apache', 'Apache Full', and 'Apache Secure' got me wondering, though.
Thinking that maybe 'Apache Secure' was a ufw profile for secure (SSL) connections, I ran the following command:
monte@blackbetty:~$ sudo ufw app info Apache Secure
Profile: Apache
Title: Web Server
Description: Apache v2 is the next generation of the omnipresent Apache web
server.
Port:
80/tcp
monte@blackbetty:~$
which seems to indicate that its going to just open up port 80, like a regular web server would use. FWIW, running the 'ufw app info' for the other two profiles returns *exactly* the same information.
man ufw
led me to /etc/ufw/applications.d/, specifically the file 'apache2.2-common' which contained the following:
[Apache]
title=Web Server
description=Apache v2 is the next generation of the omnipresent Apache web server.
ports=80/tcp
[Apache Secure]
title=Web Server (HTTPS)
description=Apache v2 is the next generation of the omnipresent Apache web server.
ports=443/tcp
[Apache Full]
title=Web Server (HTTP,HTTPS)
description=Apache v2 is the next generation of the omnipresent Apache web server.
ports=80,443/tcp
I'm guessing from that there actually *is* some difference between the three profiles... which begs the question, 'Why does the profile reported by ufw not reflect the config file?'
Any ideas?
TIA,
Monte