
A few days ago I installed Apache on my Ubuntu operating system.

  • I wanted to make the server public.

  • Somehow I messed up the settings of the automatic internet connection at start-up.

  • My printer can't be found anymore.

  • I thought: OK, I killed my Ubuntu account... then I will just create a new one and be more careful from now on... no chance... there is no internet there either.

  • Should I reinstall Ubuntu?

  • Now I always have to do this manually at start-up to get connected to the internet. (Update: I only ran dhclient -v after reboot.)

    sudo dhclient -v

At first I also used the following command, but dhclient seems to be enough.

    sudo ufw enable

So if nothing works, could I just switch to another account?


What I tried

  • I didn't try much, so as not to mess things up even more.
  • I disabled ufw after enabling it, and the internet still works (not surprising).

Firewall UFW status

    sudo ufw status verbose
    Status: Aktiv
    Protokollierung: on (low)
    Voreinstellung: allow (eingehend), allow (abgehend), deny (gesendet)
    Neue Profile: skip

    Zu                             Aktion      Von

    80,443/tcp (Apache Full)       ALLOW IN    Anywhere
    137,138/udp (Samba)            ALLOW IN    Anywhere
    139,445/tcp (Samba)            ALLOW IN    Anywhere
    5050                           ALLOW IN    Anywhere
    67,68/udp                      ALLOW IN    Anywhere
    69/udp                         ALLOW IN    Anywhere
    80,443/tcp (Apache Full (v6))  ALLOW IN    Anywhere (v6)
    137,138/udp (Samba (v6))       ALLOW IN    Anywhere (v6)
    139,445/tcp (Samba (v6))       ALLOW IN    Anywhere (v6)
    5050 (v6)                      ALLOW IN    Anywhere (v6)
    67,68/udp (v6)                 ALLOW IN    Anywhere (v6)
    69/udp (v6)                    ALLOW IN    Anywhere (v6)

    67,68/udp                      ALLOW OUT   Anywhere
    69/udp                         ALLOW OUT   Anywhere
    67,68/udp (v6)                 ALLOW OUT   Anywhere (v6)
    69/udp (v6)                    ALLOW OUT   Anywhere (v6)

Ubuntu Version

    lsb_release -a
    No LSB modules are available.
    Distributor ID: Ubuntu
    Description:    Ubuntu 22.10
    Release:    22.10
    Codename:   kinetic

Here you can see that there is no connection logo in the Ubuntu GUI.

[Image: no internet symbol]

app list

    sudo ufw app list
    Verfügbare Anwendungen:
      Apache
      Apache Full
      Apache Secure
      CUPS
      Samba

networkd.conf

    GNU nano 6.4               /etc/systemd/networkd.conf
    # the networkd.conf.d/ subdirectory. The latter is generally recommended.
    # Defaults can be restored by simply deleting this file and all drop-ins.
    #
    # See networkd.conf(5) for details.

    [Network]
    #SpeedMeter=no
    #SpeedMeterIntervalSec=10sec
    #ManageForeignRoutingPolicyRules=yes
    #ManageForeignRoutes=yes
    #RouteTable=

    [DHCPv4]
    #DUIDType=vendor
    #DUIDRawData=

    [DHCPv6]
    #DUIDType=vendor
    #DUIDRawData=

/etc/netplan/01-network-manager-all.yaml

    # Let NetworkManager manage all devices on this system
    network:
      version: 2
      renderer: NetworkManager
      dhcp4: true
      nameservers:
         addresses: [8.8.8.8, 8.8.4.4]

ruleset

    sudo nft list ruleset

Here is a link to the output: https://textdoc.co/KUmuSJRQFTgtPvqL

iptables: https://justpaste.it/chb5k

    $ sudo iptables -L
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination

    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    DOCKER-USER  all  --  anywhere             anywhere
    DOCKER-ISOLATION-STAGE-1  all  --  anywhere             anywhere
    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
    DOCKER     all  --  anywhere             anywhere
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     all  --  anywhere             anywhere
    LIBVIRT_FWX  all  --  anywhere             anywhere
    LIBVIRT_FWI  all  --  anywhere             anywhere
    LIBVIRT_FWO  all  --  anywhere             anywhere
    ufw-before-logging-forward  all  --  anywhere             anywhere
    ufw-before-forward  all  --  anywhere             anywhere
    ufw-after-forward  all  --  anywhere             anywhere
    ufw-after-logging-forward  all  --  anywhere             anywhere
    ufw-reject-forward  all  --  anywhere             anywhere
    ufw-track-forward  all  --  anywhere             anywhere

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

    Chain DOCKER (1 references)
    target     prot opt source               destination

    Chain DOCKER-ISOLATION-STAGE-1 (1 references)
    target     prot opt source               destination
    DOCKER-ISOLATION-STAGE-2  all  --  anywhere             anywhere
    RETURN     all  --  anywhere             anywhere

    Chain DOCKER-ISOLATION-STAGE-2 (1 references)
    target     prot opt source               destination
    DROP       all  --  anywhere             anywhere
    RETURN     all  --  anywhere             anywhere

    Chain DOCKER-USER (1 references)
    target     prot opt source               destination
    RETURN     all  --  anywhere             anywhere

    Chain LIBVIRT_FWI (1 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             localhost/24         ctstate RELATED,ESTABLISHED
    REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

    Chain LIBVIRT_FWO (1 references)
    target     prot opt source               destination
    ACCEPT     all  --  localhost/24         anywhere
    REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

    Chain LIBVIRT_FWX (1 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere

    Chain LIBVIRT_INP (0 references)
    target     prot opt source               destination
    ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
    ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootps
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:67

    Chain LIBVIRT_OUT (0 references)
    target     prot opt source               destination
    ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
    ACCEPT     udp  --  anywhere             anywhere             udp dpt:bootpc
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:68

    Chain ufw-after-forward (1 references)
    target     prot opt source               destination

    Chain ufw-after-input (0 references)
    target     prot opt source               destination
    ufw-skip-to-policy-input  udp  --  anywhere             anywhere             udp dpt:netbios-ns
    ufw-skip-to-policy-input  udp  --  anywhere             anywhere             udp dpt:netbios-dgm
    ufw-skip-to-policy-input  tcp  --  anywhere             anywhere             tcp dpt:netbios-ssn
    ufw-skip-to-policy-input  tcp  --  anywhere             anywhere             tcp dpt:microsoft-ds
    ufw-skip-to-policy-input  udp  --  anywhere             anywhere             udp dpt:bootps
    ufw-skip-to-policy-input  udp  --  anywhere             anywhere             udp dpt:bootpc
    ufw-skip-to-policy-input  all  --  anywhere             anywhere             ADDRTYPE match dst-type BROADCAST

    Chain ufw-after-logging-forward (1 references)
    target     prot opt source               destination
    LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "

    Chain ufw-after-logging-input (0 references)
    target     prot opt source               destination
    LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "

    Chain ufw-after-logging-output (0 references)
    target     prot opt source               destination

    Chain ufw-after-output (0 references)
    target     prot opt source               destination

    Chain ufw-before-forward (1 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
    ACCEPT     icmp --  anywhere             anywhere             icmp destination-unreachable
    ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded
    ACCEPT     icmp --  anywhere             anywhere             icmp parameter-problem
    ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
    ufw-user-forward  all  --  anywhere             anywhere

    Chain ufw-before-input (0 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
    ufw-logging-deny  all  --  anywhere             anywhere             ctstate INVALID
    DROP       all  --  anywhere             anywhere             ctstate INVALID
    ACCEPT     icmp --  anywhere             anywhere             icmp destination-unreachable
    ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded
    ACCEPT     icmp --  anywhere             anywhere             icmp parameter-problem
    ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
    ACCEPT     udp  --  anywhere             anywhere             udp spt:bootps dpt:bootpc
    ufw-not-local  all  --  anywhere             anywhere
    ACCEPT     udp  --  anywhere             224.0.0.251          udp dpt:mdns
    ACCEPT     udp  --  anywhere             239.255.255.250      udp dpt:1900
    ufw-user-input  all  --  anywhere             anywhere

    Chain ufw-before-logging-forward (1 references)
    target     prot opt source               destination

    Chain ufw-before-logging-input (0 references)
    target     prot opt source               destination

    Chain ufw-before-logging-output (0 references)
    target     prot opt source               destination

    Chain ufw-before-output (0 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
    ufw-user-output  all  --  anywhere             anywhere

    Chain ufw-logging-allow (0 references)
    target     prot opt source               destination
    LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] "

    Chain ufw-logging-deny (2 references)
    target     prot opt source               destination
    RETURN     all  --  anywhere             anywhere             ctstate INVALID limit: avg 3/min burst 10
    LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "

    Chain ufw-not-local (1 references)
    target     prot opt source               destination
    RETURN     all  --  anywhere             anywhere             ADDRTYPE match dst-type LOCAL
    RETURN     all  --  anywhere             anywhere             ADDRTYPE match dst-type MULTICAST
    RETURN     all  --  anywhere             anywhere             ADDRTYPE match dst-type BROADCAST
    ufw-logging-deny  all  --  anywhere             anywhere             limit: avg 3/min burst 10
    DROP       all  --  anywhere             anywhere

    Chain ufw-reject-forward (1 references)
    target     prot opt source               destination

    Chain ufw-reject-input (0 references)
    target     prot opt source               destination

    Chain ufw-reject-output (0 references)
    target     prot opt source               destination

    Chain ufw-skip-to-policy-forward (0 references)
    target     prot opt source               destination
    DROP       all  --  anywhere             anywhere

    Chain ufw-skip-to-policy-input (7 references)
    target     prot opt source               destination
    DROP       all  --  anywhere             anywhere

    Chain ufw-skip-to-policy-output (0 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere

    Chain ufw-track-forward (1 references)
    target     prot opt source               destination

    Chain ufw-track-input (0 references)
    target     prot opt source               destination

    Chain ufw-track-output (0 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             anywhere             ctstate NEW
    ACCEPT     udp  --  anywhere             anywhere             ctstate NEW

    Chain ufw-user-forward (1 references)
    target     prot opt source               destination

    Chain ufw-user-input (1 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https

    Chain ufw-user-limit (0 references)
    target     prot opt source               destination
    LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning prefix "[UFW LIMIT BLOCK] "
    REJECT     all  --  anywhere             anywhere             reject-with icmp-port-unreachable

    Chain ufw-user-limit-accept (0 references)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere

    Chain ufw-user-logging-forward (0 references)
    target     prot opt source               destination

    Chain ufw-user-logging-input (0 references)
    target     prot opt source               destination

    Chain ufw-user-logging-output (0 references)
    target     prot opt source               destination

    Chain ufw-user-output (1 references)
    target     prot opt source               destination

karel
  • Maybe there are settings in your Uncomplicated Firewall that govern this and it's not an Ubuntu thang after all. – darth_epoxy Jan 08 '23 at 10:23
  • Yes, but how to fix it? – jikki plikki Jan 08 '23 at 11:21
  • Please edit your question to clarify: Exactly which release and flavor of Ubuntu you are using. Ubuntu Desktop 16.04? Ubuntu Server 22.10? Ubuntu Core 18? Xubuntu 22.04? Something else? Troubleshooting for different releases has changed over time, so please take the time to be accurate. If you don't know how to determine your release and flavor of Ubuntu, then use the Search bar at the top of the page to learn how. – user535733 Jan 08 '23 at 15:59
  • Need output of sudo ufw status verbose, not just the ufw status; can't see the reject/drop rules. Anyway, update your main post with that data, if you please. You can have a "drop all" rule on the incoming traffic policy, and when you do ufw enable right before the next command it will clear the existing rules, allow dhclient to bind and then probably work. But it's still misconfigured, I'm guessing.... If it's working completely with ufw disable then it's definitely something like this. Once ufw is enabled it persists on boot, it doesn't need to be redone over and over. – sean Jan 13 '23 at 06:55
  • Hi, I updated it. Now I will try again to find the YouTube link/tutorial with which I killed my config. It must be in my history... And I will check what you have written again. – jikki plikki Jan 13 '23 at 17:17
  • We don't know what you did so it's hard to help you. But if you type history in the terminal it will return the last 2000 commands you've run and that should help you understand what you did – Matias N Goldberg Jan 13 '23 at 17:51
  • I can only see 500. And as far as I can see, there are only some old gcc commands and some other commands... but nothing that has to do with that. – jikki plikki Jan 13 '23 at 18:11
  • From what I understand of your question, internet works when ufw is disabled but doesn't work when you enable ufw? Could be worth looking at the output of sudo nft list ruleset which will give you all details of your firewall (ufw is just a high level abstraction layer) – moo Jan 14 '23 at 06:17
  • I am not sure about the needed status of ufw. For example, right now it is disabled... Now I enable it with "enable", and the internet also works. So it looks like ufw isn't as important for this issue as dhclient is. – jikki plikki Jan 14 '23 at 06:26

1 Answer


You need to allow ports 68-69 for dhclient to work. If you connect with UFW off, DHCP addresses are assigned. If you enable it, they stay. But your DHCP won't work with ports 68-69 disabled.

You need to allow UDP from port 68 (client) to port 67 (server).

Pilot6
  • OK, I allowed them with sudo ufw allow in 67,68,69/udp and sudo ufw allow out 67,68,69/udp... but I still can't find my printer... and there is still no network symbol? – jikki plikki Jan 16 '23 at 14:18
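
The check the answer describes (UDP from client port 68 to server port 67), as an added example that is not part of the original answer or comments: it reads English-locale `ufw status verbose` text and reports whether the default policies or user rules cover that path, and flags a default-allow incoming policy such as the `allow (eingehend)` shown in the question's output. The function names, output keys and sample ruleset are constructed for illustration; ufw's built-in before/after chains are not part of this output and are not evaluated.

```shell
# Added example: audit `ufw status verbose` text (stdin) for the DHCP client
# path, UDP 68 -> 67. Only default policies and listed user rules are checked.
ufw_dhcp_audit() {
    awk '
    # 1 if UDP port p is covered by a spec like "67,68/udp", "60:70/udp", "5050"
    function covers(spec, p,    n, parts, i, r, proto, ports) {
        ports = spec; proto = "any"
        if (split(spec, r, "/") == 2) { ports = r[1]; proto = r[2] }
        if (proto != "udp" && proto != "any") return 0
        n = split(ports, parts, ",")
        for (i = 1; i <= n; i++) {
            if (split(parts[i], r, ":") == 2) {
                if (p >= r[1] + 0 && p <= r[2] + 0) return 1
            } else if (parts[i] ~ /^[0-9]+$/ && parts[i] + 0 == p) return 1
        }
        return 0
    }
    /^Default:/ {   # "Default: deny (incoming), allow (outgoing), disabled (routed)"
        for (i = 2; i < NF; i++) {
            if ($(i + 1) ~ /incoming/) din = $i
            if ($(i + 1) ~ /outgoing/) dout = $i
        }
        next
    }
    {               # user rule: "<ports>[/proto] [(app)] ALLOW IN|OUT <from>"
        for (i = 2; i < NF; i++) if ($i == "ALLOW") {
            if ($(i + 1) == "IN"  && covers($1, 68)) in68 = 1
            if ($(i + 1) == "OUT" && covers($1, 67)) out67 = 1
        }
    }
    END {
        print "default-incoming=" din
        print "request-out-67/udp=" ((dout == "allow" || out67) ? "allowed" : "no-user-rule")
        print "reply-in-68/udp=" ((din == "allow" || in68) ? "allowed" : "no-user-rule")
        if (din == "allow") print "WARNING: default incoming policy is allow"
    }'
}
# Constructed sample (not from the page): default-deny host with one DHCP rule.
sample_status() {
    cat <<'EOF'
Status: active
Default: deny (incoming), deny (outgoing), disabled (routed)
To                         Action      From
--                         ------      ----
80,443/tcp (Apache Full)   ALLOW IN    Anywhere
67,68/udp                  ALLOW OUT   Anywhere
EOF
}
sample_status | ufw_dhcp_audit
```

On a live system, pipe the output of `sudo LC_ALL=C ufw status verbose` into `ufw_dhcp_audit` so the English keywords the parser expects are present.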