Unable to get Firewall to deny/allow any connections

Quick to answer questions about finding your way around Linux Mint as a new user.
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions use the other forums in the support section.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
Locked
zeldarocks

Unable to get Firewall to deny/allow any connections

Post by zeldarocks »

I recently installed ufw and gufw as the gui; I've attempted to set up my firewall in ufw, but to no avail. It seems like the firewall does not want to block any traffic regardless of the settings. I set it to deny outbound/inbound and I can still access the web without difficulty. What am I missing?
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
User avatar
karlchen
Level 23
Level 23
Posts: 18155
Joined: Sat Dec 31, 2011 7:21 am
Location: Germany

Re: Unable to get Firewall to deny/allow any connections

Post by karlchen »

Hello, zeldarocks.

Please, open a terminal window, run the commandline

Code: Select all

sudo ufw status verbose
and post the output here.

Kind regards,
Karl
Image
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 750 days now.
Lifeline
zeldarocks

Re: Unable to get Firewall to deny/allow any connections

Post by zeldarocks »

Status: active
Logging: on (low)
Default: reject (incoming), reject (outgoing)
New profiles: skip

To Action From
-- ------ ----
80 ALLOW IN Anywhere
443 ALLOW IN Anywhere
80 ALLOW IN Anywhere (v6)
443 ALLOW IN Anywhere (v6)

I have allowed http and https but blocked all else...
User avatar
karlchen
Level 23
Level 23
Posts: 18155
Joined: Sat Dec 31, 2011 7:21 am
Location: Germany

Re: Unable to get Firewall to deny/allow any connections

Post by karlchen »

Hello, zeldarocks.

Firewall software will go through the list of incoming/outgoing rules top down and apply the first matching rule.
Hence, in case the first rule ufw finds is the default rule: deny any incoming and outgoing traffic, it will do so.
Trying to soften this rule later on will not have any effect.
I am afraid you will have to consult the usfw manpages in order to find out how to make sure that the rules are created and stored in this order:

80 ALLOW IN Anywhere
443 ALLOW IN Anywhere
80 ALLOW IN Anywhere (v6)
443 ALLOW IN Anywhere (v6)
reject any other requests

Yet, I am not sure whether blocking absolutely all outgoing packages is really what you want and need.

Karl
Image
The people of Alderaan have been bravely fighting back the clone warriors sent out by the unscrupulous Sith Lord Palpatine for 750 days now.
Lifeline
zeldarocks

Re: Unable to get Firewall to deny/allow any connections

Post by zeldarocks »

That IS the order the rules are in though. Can you elaborate on what needs to be done?

I've been toying around with it since yesterday, yet it won't actually follow directions.
zeldarocks

Re: Services Disabled by Default on Mint?

Post by zeldarocks »

That reminds me, I'm having problems with ufw; it doesn't want to follow instructions at all. Could you help me?
Last edited by xenopeek on Wed Feb 13, 2013 10:55 am, edited 1 time in total.
Reason: Same subject, so posts moved here.
zeldarocks

Firestarter/UFW not working.

Post by zeldarocks »

I'm installed both Firestarter and GUFW, and have been unable to get either of them to work: every time I specify deny/allow, it does not follow through with instructions; as if I had done nothing. I've tried reinstalling, uninstalling, using UFW on its own, and vice versa. I need to get this resolved ASAP.
Last edited by xenopeek on Wed Feb 06, 2013 6:52 pm, edited 1 time in total.
Reason: Same subject, so topics merged.
sammiev

Re: Firestarter/UFW not working.

Post by sammiev »

You can not use both of those programs together. When you make a change in a firewall you need to reset the firewall so the changes take place. Easiest way is to disable it and then re-enable it.
3.14159

Re: Services Disabled by Default on Mint?

Post by 3.14159 »

zeldarocks wrote:That reminds me, I'm having problems with ufw; it doesn't want to follow instructions at all. Could you help me?
Are you making the changes as root (sudo)?

Describe what it is you do and what errors/messages/behaviors you are seeing.
Locked

Return to “Beginner Questions”