Questions tagged [ufw]

Uncomplicated Firewall (ufw)

The default firewall configuration tool for Ubuntu is ufw (Uncomplicated FireWall). Developed to ease iptables firewall configuration, ufw provides a user-friendly way to create an IPv4 or IPv6 host-based firewall. By default, ufw is disabled.

If you are not using other firewall tools, enabling ufw is recommended at a minimum. Enable it with the command:

sudo ufw enable

By default, the policy is set to block all inbound requests. To learn more, read the full manual page with the command:

man ufw

743 questions
14
votes
2 answers

How to run 'ufw' without interactive mode?

I want to run ufw Uncomplicated Firewall from python script but it usually runs in interactive mode. Example: subprocess.check_output(["ufw", "enable"]) Has the following output: 'Command may disrupt existing ssh connections. Proceed with operation…
Samuel
  • 283
11
votes
2 answers

UFW Ctrl-C and iptables: Chain already exists

I did a dumb thing, so bear with me. While running a ufw command to add a rule, I did a Ctrl-C, this led to the problem of the following error being generated every time I try to use UFW: ERROR: initcaps [Errno 2] iptables: Chain already exists. I…
11
votes
1 answer

UFW: Allow app/profile only from specific IP

I want to restrict external access to e. g. Dovecot to specific source IPs. Allowing an app profile works great at all, but the connection's source is never limited ("From: Anywhere"): $ sudo ufw status To Action …
remy
  • 141
  • 1
  • 6
7
votes
3 answers

ufw not starting on boot

I am running Ubuntu Server 18.04 When I do: sudo ufw enable the output is: Firewall is active and enabled on system startup but when I do a reboot and run: sudo ufw status verbose the output is: Status: inactive I have checked…
Jedi
  • 491
6
votes
2 answers

Confused with ufw

I want ufw to block everything on my external interface (enp6s0) but allow everything on my internal ones (br0, tap0). I had huge issues with this (ufw was blocking stuff on br0 even though I set up a rule to allow in on everything), so I set ufw…
velis
  • 419
5
votes
2 answers

How do I extract the source MAC from a [UFW BLOCK] entry?

I have the following UFW Block entry. How do I get the source MAC? I'm getting a ton from the same MAC=e8:11:32:cb:d9:42:54:04:a6:ba:22:f8:08:00 doing port scanning. If it matters, I'm using 12.04 LTS. Feb 4 17:46:06 ChromeBox-Server kernel:…
user244712
  • 73
  • 1
  • 4
5
votes
1 answer

UFW - what is the meaning of 'Rule changed after normalization'

I issue the following : # ufw allow from And get the response: WARN: Rule changed after normalization Rule added (v6) I am familiar with the term 'normalization' in relational database structuring but I am curious how this is applied…
4
votes
2 answers

UFW not denying traffic on specific ports

I have setup a UFW to allow all incoming and outgoing traffic by default. I wish to limit a few ports (in this case, 9200 and 5601). When I have the following configuration: > sudo ufw status verbose Status: active Logging: on (low) Default: allow…
4
votes
2 answers

How do I remove a previously "allowed" application profile from Ufw?

I've been messing around writing different application profiles for Ufw to get it to work properly, but I can't figure out how to completely and correctly remove an application profile that I previously added with sudo ufw allow [application…
3
votes
0 answers

UBUNTU is blocking some 443 port traffic when should not

I have UFW installed and configured like that. 80 ALLOW Anywhere 443/tcp ALLOW Anywhere 443/udp ALLOW Anywhere 80 (v6) ALLOW Anywhere…
Ebmoya
  • 31
3
votes
3 answers

incoming traffic blocked in firewall logs

I just installed UFW firewall on my Ubuntu VPS, and now my log shows a lot of incoming traffic punting on port 23. Like this: kernel: [ 670.832245] [UFW BLOCK] IN=eth0 OUT= MAC=fa:16:3e:e6:7f:12:5e:f8:f0:c1:28:31:08:00 SRC=106.104.138.28 DST=xxx…
3
votes
1 answer

UFW: Why we write 'any' in allow statement

When creating an allow rule for example: sudo ufw allow from 110.110.25.25 to any port 3306 Why we write 'any'? I googled this a lot but none of the articles explain the full syntax of this statement. Can anybody explain this? Thank you.
3
votes
1 answer

How to create a UFW rule with helpful memo?

In the past I was able to create allow rules for ports with a helpful description, so I could remember why I allowed that specific port(s). I cannot for the life of me find on the web the command to do it again. Any ideas?
ckhatton
  • 589
  • 1
  • 5
  • 14
2
votes
1 answer

Set ufw rules as a oneliner

This is how I setup my ufw rules: $ sudo ufw default deny $ sudo ufw allow ssh $ sudo ufw allow http $ sudo ufw allow https $ sudo ufw allow 53/tcp $ sudo ufw allow 53/udp $ sudo ufw allow from any port 68 to any port 67 proto udp Is it possible to…
2
votes
0 answers

How do I limit access to a ufw app/service (not port) by IP address?

I know how to allow only a specific IP address into a port, but I can't find the syntax to do this by service. I kinda like having the services so I can group and read my rules more easily. How do I allow an IP address to a app like ssh, or in this…
flickerfly
  • 7,279