I am learning to set up my very first firewall remotely over SSH.
Since ufw is the default firewall front end with Ubuntu, that's what I am learning to use. As I go along, I am trying to document the process:
http://linux.overshoot.tv/wiki/serve...cated_firewall
Despite all the existing documentation I found on the web, I already have a question. Two, actually.
1) If one accidentally locks himself out and cannot reconnect to the remote server via SSH, what is the 'normal' process to recover control of the server?
2) In the wiki page linked above, I tried to document a method that I thought would allow a new sysadmin to test the new firewall without getting locked up. However, when I look at the iptables rules, I don't get the result I expected:
On a new system, there are absolutely no rules:
Code:
# iptables -L -n -v
Chain INPUT (policy ACCEPT 2793K packets, 569M bytes)
 pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 1768K packets, 5488M bytes)
 pkts bytes target prot opt in out source destination

Enable ufw:
Code:
ufw enable
then check the output of iptables again (same command as above): this time we have a loooooong list of rules, those enabled by default by ufw.

Disable ufw:
Code:
ufw disable
I kind of expected at this time for the iptables rules to be back to the empty set we had at the beginning. However, we still have all the rules that were added when we first enabled ufw.
What does this imply? Do those rules apply? Is there an effective firewall?
Is my logic somehow faulty in the 'Setting up your first firewall' section of the wiki here?
http://linux.overshoot.tv/wiki/serve...cated_firewall
Thank you for any insight that you can provide.
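As an added example (not from the original post, and not part of ufw), here is a small POSIX shell check that parses the `iptables -L -n -v` listing format quoted in the post and reports, per built-in chain, the default policy and how many rules are actually loaded. That is the fact the question turns on: whether any filtering is in effect after `ufw enable` or `ufw disable`. Both rulesets below are constructed samples; the second one uses the `ufw-before-*` chain names ufw installs.

```shell
#!/bin/sh
# Added example: summarise `iptables -L -n -v` output by built-in chain.
# Pipe live output into the functions, e.g.:  iptables -L -n -v | summarize_chains

# Constructed sample matching the empty ruleset quoted in the post.
SAMPLE_EMPTY='Chain INPUT (policy ACCEPT 2793K packets, 569M bytes)
 pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 1768K packets, 5488M bytes)
 pkts bytes target prot opt in out source destination'

# Constructed sample of a ruleset with ufw chains loaded (abbreviated).
SAMPLE_UFW='Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
    0     0 ufw-before-logging-input  all  --  *  *  0.0.0.0/0  0.0.0.0/0
    0     0 ufw-before-input  all  --  *  *  0.0.0.0/0  0.0.0.0/0

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
    0     0 ufw-before-logging-output  all  --  *  *  0.0.0.0/0  0.0.0.0/0'

# summarize_chains: reads iptables -L -n -v text on stdin and prints
# one line per chain: "CHAIN POLICY RULECOUNT" ("-" policy for user chains).
summarize_chains() {
  awk '
    /^Chain / { if (chain != "") print chain, policy, n
                chain = $2; policy = ($3 == "(policy") ? $4 : "-"; n = 0; next }
    /^ *pkts +bytes/ { next }          # column header, not a rule
    NF > 0 { n++ }                     # any other non-blank line is a rule
    END { if (chain != "") print chain, policy, n }
  '
}

# rule_count CHAIN: number of rules loaded in CHAIN (reads stdin).
rule_count() {
  summarize_chains | awk -v c="$1" '$1 == c { print $3 }'
}

# firewall_effective: succeeds if INPUT has a non-ACCEPT policy or any rule,
# i.e. if inbound traffic is being filtered at all (reads stdin).
firewall_effective() {
  summarize_chains | awk '$1 == "INPUT" && ($2 != "ACCEPT" || $3 > 0) { ok = 1 }
                          END { exit ok ? 0 : 1 }'
}

printf '%s\n' "$SAMPLE_EMPTY" | summarize_chains
```

Run the same functions against live `iptables -L -n -v` output before and after each ufw command to see exactly which chains and rules remain.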