Re: A question regarding ufw
UFW will start automatically at boot time. You don't need to do anything, also be aware it is a front end for iptables like firestarter.
Also the ufw default policy is drop input accept forward and output
Re: A question regarding ufw
So, I don't need to test the status of ufw using the "sudo ufw status verbose" command? Is there any chance of ufw showing the issue I had with firestarter as I mentioned in the earlier post?
Re: A question regarding ufw
I've not seen ufw just not set policies according to the rules you set out. If you're that concerned I would just write an iptables script and set it to run when your networking starts. That's just me though, I don't really use UFW or other front ends so I don't have a whole lot of experience with them just magically deciding not to work.
Is there a particular reason you need a firewall? IE : Are you trying to block some service from being accessible from the internet? In a default configuration Ubuntu is not running any services so there really isn't anything to firewall.
Re: A question regarding ufw
Quote:
Originally Posted by
Dangertux
I've not seen ufw just not set policies according to the rules you set out. If you're that concerned I would just write an iptables script and set it to run when your networking starts. That's just me though, I don't really use UFW or other front ends so I don't have a whole lot of experience with them just magically deciding not to work.
Is there a particular reason you need a firewall? IE : Are you trying to block some service from being accessible from the internet? In a default configuration Ubuntu is not running any services so there really isn't anything to firewall.
I am not running any service. Ubuntu is installed on a desktop workstation. I am using the firewall as an additional layer of security, just in case I inadvertently install some server while installing other packages.
I was concerned because of the earlier issue I had with firestarter. Despite the fact that I was told that firestarter would set the iptables automatically when ubuntu starts, it didn't do that once. Can you tell me how ufw loads the iptables rules automatically at boot up time? Then, maybe I can check to see if all the necessary files are in the correct place.
Re: A question regarding ufw
Quote:
Originally Posted by
jsvidyad
I am not running any service. Ubuntu is installed on a desktop workstation. I am using the firewall as an additional layer of security, just in case I inadvertently install some server while installing other packages.
I was concerned because of the earlier issue I had with firestarter. Despite the fact that I was told that firestarter would set the iptables automatically when ubuntu starts, it didn't do that once. Can you tell me how ufw loads the iptables rules automatically at boot up time? Then, maybe I can check to see if all the necessary files are in the correct place.
UFW user rules are stored in /lib/ufw/user.rules and user6.rules (for ipv6).
UFW default rules are stored in /etc/ufw/before.rules /etc/ufw/after.rules and /etc/ufw/before6.rules and after6.rules (for ipv6).
Re: A question regarding ufw
Quote:
Originally Posted by
Dangertux
UFW user rules are stored in /lib/ufw/user.rules and user6.rules (for ipv6).
UFW default rules are stored in /etc/ufw/before.rules /etc/ufw/after.rules and /etc/ufw/before6.rules and after6.rules (for ipv6).
Can you tell me where the scripts which are loaded at boot-time are and how they are used? Then, maybe I can check those scripts to make sure that ufw does set the iptables rules when ubuntu starts. I just wanted to say that everytime I checked the status of ufw after logging in, I always found it active. I never ever found it inactive the way I found with firestarter.
Re: A question regarding ufw
I gave you the locations the rules are stored, so I'm not sure what else you want in regard of scripts, but the easiest way to see if your firewall rules are there is.
That being said, if you're not setting any rules, IE: you're just doing
the only thing that would be added in terms of iptables would be
Code:
iptables -P INPUT DROP
So there really isn't anything to see unless you add a rule.
Re: A question regarding ufw
I was hoping you could tell me how the ufw rules are loaded at system startup.
Re: A question regarding ufw
Maybe I wasn't clear. ufw just sets the iptables rules, right?? I just wanted to know where the script that sets iptables rules at startup is and how it sets the iptables rules