Unable to get Firewall to deny/allow any connections
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions use the other forums in the support section.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions use the other forums in the support section.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Unable to get Firewall to deny/allow any connections
I recently installed ufw and gufw as the gui; I've attempted to set up my firewall in ufw, but to no avail. It seems like the firewall does not want to block any traffic regardless of the settings. I set it to deny outbound/inbound and I can still access the web without difficulty. What am I missing?
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: Unable to get Firewall to deny/allow any connections
Hello, zeldarocks.
Please, open a terminal window, run the commandline and post the output here.
Kind regards,
Karl
Please, open a terminal window, run the commandline
Code: Select all
sudo ufw status verbose
Kind regards,
Karl
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 771 days now.
Lifeline
Re: Unable to get Firewall to deny/allow any connections
Status: active
Logging: on (low)
Default: reject (incoming), reject (outgoing)
New profiles: skip
To Action From
-- ------ ----
80 ALLOW IN Anywhere
443 ALLOW IN Anywhere
80 ALLOW IN Anywhere (v6)
443 ALLOW IN Anywhere (v6)
I have allowed http and https but blocked all else...
Logging: on (low)
Default: reject (incoming), reject (outgoing)
New profiles: skip
To Action From
-- ------ ----
80 ALLOW IN Anywhere
443 ALLOW IN Anywhere
80 ALLOW IN Anywhere (v6)
443 ALLOW IN Anywhere (v6)
I have allowed http and https but blocked all else...
Re: Unable to get Firewall to deny/allow any connections
Hello, zeldarocks.
Firewall software will go through the list of incoming/outgoing rules top down and apply the first matching rule.
Hence, in case the first rule ufw finds is the default rule: deny any incoming and outgoing traffic, it will do so.
Trying to soften this rule later on will not have any effect.
I am afraid you will have to consult the usfw manpages in order to find out how to make sure that the rules are created and stored in this order:
80 ALLOW IN Anywhere
443 ALLOW IN Anywhere
80 ALLOW IN Anywhere (v6)
443 ALLOW IN Anywhere (v6)
reject any other requests
Yet, I am not sure whether blocking absolutely all outgoing packages is really what you want and need.
Karl
Firewall software will go through the list of incoming/outgoing rules top down and apply the first matching rule.
Hence, in case the first rule ufw finds is the default rule: deny any incoming and outgoing traffic, it will do so.
Trying to soften this rule later on will not have any effect.
I am afraid you will have to consult the usfw manpages in order to find out how to make sure that the rules are created and stored in this order:
80 ALLOW IN Anywhere
443 ALLOW IN Anywhere
80 ALLOW IN Anywhere (v6)
443 ALLOW IN Anywhere (v6)
reject any other requests
Yet, I am not sure whether blocking absolutely all outgoing packages is really what you want and need.
Karl
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 771 days now.
Lifeline
Re: Unable to get Firewall to deny/allow any connections
That IS the order the rules are in though. Can you elaborate on what needs to be done?
I've been toying around with it since yesterday, yet it won't actually follow directions.
I've been toying around with it since yesterday, yet it won't actually follow directions.
Re: Services Disabled by Default on Mint?
That reminds me, I'm having problems with ufw; it doesn't want to follow instructions at all. Could you help me?
Last edited by xenopeek on Wed Feb 13, 2013 10:55 am, edited 1 time in total.
Reason: Same subject, so posts moved here.
Reason: Same subject, so posts moved here.
Firestarter/UFW not working.
I'm installed both Firestarter and GUFW, and have been unable to get either of them to work: every time I specify deny/allow, it does not follow through with instructions; as if I had done nothing. I've tried reinstalling, uninstalling, using UFW on its own, and vice versa. I need to get this resolved ASAP.
Last edited by xenopeek on Wed Feb 06, 2013 6:52 pm, edited 1 time in total.
Reason: Same subject, so topics merged.
Reason: Same subject, so topics merged.
Re: Firestarter/UFW not working.
You can not use both of those programs together. When you make a change in a firewall you need to reset the firewall so the changes take place. Easiest way is to disable it and then re-enable it.
Re: Services Disabled by Default on Mint?
Are you making the changes as root (sudo)?zeldarocks wrote:That reminds me, I'm having problems with ufw; it doesn't want to follow instructions at all. Could you help me?
Describe what it is you do and what errors/messages/behaviors you are seeing.