Questions tagged [firewall]
a technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts
1,242
questions
120
votes
5
answers
170k
views
See configured rules even when inactive
I'm wondering if it's possible to get UFW to list the configured firewall rules even when it's not enabled. I only have ssh access to the server at this time, and I don't want to enable UFW if there's ...
- 2,277
109
votes
11
answers
80k
views
Uncomplicated Firewall (UFW) is not blocking anything when using Docker
This is my first time setting up an Ubuntu Server (14.04 LTS) and I am having trouble configuring the firewall (UFW).
I only need ssh and http, so I am doing this:
sudo ufw disable
sudo ufw reset
...
- 2,821
100
votes
0
answers
261k
views
How do I see which ports are open? [duplicate]
I am running a web server on a machine with Ubuntu 11.
Everything is accessible from the local network, but not from outside.
What can I do to check to make sure the appropriate ports are open?
I am ...
- 1,129
91
votes
3
answers
226k
views
What is MASQUERADE in the context of iptables?
In iptables many times I see the target MASQUERADE. What is that? I searched and found lots of things. But I need someone to explain to me what MASQUERADE is in an easy to understand way?
An ...
- 10.3k
81
votes
12
answers
124k
views
How to control internet access for each program?
I would like to use a software to control which program may connect to the internet. I know that this behaviour is associated with the word "firewall", but some Linux users are very upset if somebody ...
- 1,181
80
votes
5
answers
75k
views
Why is the firewall disabled by default?
Why is ufw firewall included in Ubuntu, when it is not enabled and pre-configured by default? Most users don't even know it is there, because no GUI frontend is provided.
- 921
70
votes
5
answers
143k
views
How can I open a range of ports in ubuntu using (g)ufw
I have to open up a group of ports.
Adding the single ports to (g)ufw was easy enough but I can't work out how to open the range 11200-11299.
How do I do that?
- 965
59
votes
5
answers
353k
views
How do I know if my firewall is on?
I installed Firestarter, and configured my firewall.
But I'm in doubt : On boot, I sometimes see a [FAIL] marker, and to the left, I guess it was something like "start firewall". I can't be sure ...
- 691
56
votes
2
answers
108k
views
how do you create an app profile for ufw?
Ufw has a command that lists out profiles to which you can further explore their profile definitions
$ ufw app list
And
$ ufw app PROFILE {app profile title}
I was wondering how you can create a ...
- 1,028
52
votes
7
answers
6k
views
What are the risks of NOT using a firewall (home computer)?
Since a password is required to be a superuser (to install and modify programs), what are the risks to not use a firewall under Ubuntu ? More particularly if I am using a NAT router ?
- 1,138
48
votes
3
answers
103k
views
How can I make a specific set of iptables rules permanent?
Is there a "best practice" or standard to make a few iptables rules permanent? I mean: automatically applied upon a system reboot?
I am using a VPS with Ubuntu Server 10.04 LTS (Lucid Lynx).
Thank ...
- 1,352
45
votes
5
answers
62k
views
How to block internet access for wine applications?
How can one prevent specific or any wine applications from accessing the internet?
When using certain applications under Windows, they were trying to access the internet from time to time without ...
- 2,349
42
votes
4
answers
461k
views
How do I turn off the firewall in Ubuntu 12.04?
How do I turn off the firewall in Ubuntu 12.04?
Thanks for the answers. The reason for turning it off was twofold: I often cannot make a wireless connectin to internet and get the server is unable to ...
- 601
40
votes
4
answers
161k
views
How to configure UFW to allow IP Forwarding?
I have UFW, OpenVPN and Virtualbox installed on my home server. I have a host-only network for my virtual machine guests (vboxnet0) set up with the IP range 10.0.1.0, and another IP range of 10.0.0.0 ...
- 4,832
40
votes
3
answers
127k
views
How to allow remote connections to Flask?
Inside the system, running on virtual machine, I can access the running server at 127.0.0.1:5000.
Although the 'remote' address of the vm is 192.168.56.101 (ping and ssh work fine), I cannot access ...
- 737
39
votes
3
answers
126k
views
How do you view all of the banned IP's for Ubuntu 12.04 via the command line?
I can't seem to find a quick command to just view all the banned IP's on the server. Or is there a file I can just edit?
I'm guessing fail2ban is the one that inputs all the IP's to ban. Where do I ...
- 3,023
37
votes
6
answers
246k
views
Open port 80 on Ubuntu server
I'm just starting out in Ubuntu/Linux, and have some trouble opening port 80 for incoming connections.
I ran the sudo ufw allow 80/tcp command, and when I run sudo ufw status the result looks like ...
- 481
37
votes
6
answers
204k
views
How to enable ufw firewall to allow icmp response?
I have a series of Ubuntu 10.04 servers and each one has ufw firewall enabled. I have allowed port 22 (for SSH) and 80 (if it's a webserver). My question is that I am trying to enable icmp echo ...
- 677
36
votes
4
answers
330k
views
Port seems to be open, but connection refused
I am trying to open port 3000 on Ubuntu 12.04, cause I have a web server listening there. I'm a bit out of my confort zone here, and spent many hours trying to solve the problem without success.
Port ...
- 575
31
votes
5
answers
23k
views
Is there a preinstalled or automatic firewall?
Does Ubuntu come with a preinstalled or automatic firewall? If not, do I need one?
I've read some articles about the advantages of Linux over other operating systems about security (no need to have ...
pedroo
30
votes
6
answers
105k
views
UFW firewall still blocking SMB despite adding rules
I have an Ubuntu PC with ufw firewall (GUI version). I have added the preset Samba service, in and out, and even tried adding the ports manually (135-139, 445, UDP and TCP, in and out), but it still ...
- 3,347
30
votes
1
answer
78k
views
ufw delete all rules
I'm trying to understand and build my own firewall for the first time.
I'm very new to this kind of things.
I came up to ufw and added some rules to test it.
Is there any way of deleting all the ...
user658776
29
votes
1
answer
31k
views
Understanding UFW log
What does this UFW log mean? Has already asked a similar question, but I want to know explicitly what each line of the UFW log means
Feb 6 16:27:08 jonasgroenbek kernel: [71910.873115]
[UFW BLOCK] ...
- 591
28
votes
5
answers
134k
views
UFW is blocking all even when I set rules to allow
I am using an ubuntu server, Now I am trying to enable the firewall using these commands:
ufw default deny incoming
ufw default allow outgoing
ufw allow ssh
ufw allow www
ufw allow https
ufw enable
...
- 383
27
votes
2
answers
93k
views
How can set these iptables rules to run at startup
I usually run my iptables rules whenever I login. From the terminal I type ;
sudo sh firewall.sh
Setting up my sister's computer, I want to give her some basic firewall protection. She wont be ...
- 293
27
votes
3
answers
7k
views
What automated intrusion notification/detection setup is good for home desktop use?
I've been using Linux for quite a while now and I always feel the need to have a passive software / script setup which can alert me of any suspicious network activities like scans, failed login ...
- 403
26
votes
2
answers
92k
views
What are ICMP redirects and should they be blocked?
After enabling ufw and the Tiger security auditor, I see warnings saying:
The system accepts ICMP redirection messages
What are ICMP redirection messages? Should they be disabled for security ...
- 363
25
votes
11
answers
65k
views
Ubuntu 18.10 stuck on "Started bpfilter" while booting
Today I have updated from my Ubuntu 18.04 to 18.10 by software upgrade app ( coudn't wait till tomorrow 😆). It took a bit of time, but at the end of it I was asked to restart my PC. Upon restarting, ...
- 353
24
votes
2
answers
213k
views
How to open a port?
I have ubuntu 12.04 and I'm not able to allow certain port in my firewall. So I basically said I will allow everything but it's still not working. Please help. nmap on this machine from other machine ...
- 2,151
23
votes
9
answers
21k
views
Alternative to Little-Snitch app-firewall?
I'm trying out Ubuntu. Been a Mac user. I like ubuntu a lot but I'm uncomfortable not having an app-firewall that reports what connections are being made to the internet. I find it unnerving to not ...
- 251
22
votes
2
answers
56k
views
UFW for OpenVPN
I want to configure ufw (uncomplicated firewall) for OpenVPN.
Connections are only allowed through OpenVPN. Everything else should be blocked. So if OpenVPN is disconnected -> no internet!
I found ...
- 221
21
votes
2
answers
37k
views
What could be the cause for these strange UFW block entries in my syslog?
I've recently noticed a large number of recurring UFW blocks in my syslog. This surprised me as I have no UFW rules set:
$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (...
- 21.5k
21
votes
4
answers
11k
views
Is there any Application level firewall for Ubuntu 16.04? (with GUI)
I must confess that I'm very new to Linux world, and there are concepts that seem very unfamiliar to me.
One thing I miss the most is a good yet simple application level firewall. As of now, with all ...
- 211
20
votes
3
answers
36k
views
Can't connect to PPTP VPN with ufw enabled on Ubuntu 14.04 with kernel 3.18
Suddenly VPN disconnected and can't reconnect no longer on kernel 3.18.1, so I try to install kernel 3.18.2 but my problem still exist. But I can connect to VPN with 3.14 kernel easily.
The output of ...
- 1,587
20
votes
4
answers
109k
views
UFW - allow range of IP addresees?
I can add a rule using UFW firewall to allow a single known IP 192.168.1.32 to access my test webserver (192.168.1.48 (on a local mostly trusted network) on Ubuntu 14.04 using:
sudo ufw allow proto ...
- 30.3k
19
votes
1
answer
14k
views
UFW: what exactly is it?
What is UFW? You would think this is an easy question, but the more sources I read, the less clear it gets.
The acronym spells out to Uncomplicated FireWall, as though ufw actually implements a ...
- 303
18
votes
4
answers
105k
views
How do I with ufw deny all outgoing ports excepting the ones I need?
I did the following: ufw default deny outgoing, sudo ufw allow out 80 which I thought would let me use the Internet but didn't can y'all help?
Also are there any other ports used by Ubuntu for which ...
- 361
17
votes
5
answers
44k
views
Block China with iptables
I just logged in on a GitLab server and noticed that it had 18.974 failed logins since I last checked the server - almost 5 days. I checked the Ip's and it seems that almost all of them were from ...
17
votes
3
answers
46k
views
How do I allow multiple ports simultaneously in UFW?
I've installed a new Ubuntu 16.04 and enabled ufw:
ufw enable
I tried these ways to unfilter multiple ports at once:
ufw allow 22/tcp 25/tcp 80/tcp 443/tcp 9000/tcp
ufw allow 22/tcp, 25/tcp, 80/tcp,...
17
votes
6
answers
15k
views
Does spyware exist for ubuntu?
Someone I know said he had put spyware on my computer. Is he talking crap? I've been using Ubuntu 12.04 for nearly 3 years now and I've never seen any type of spyware, remote keyloggers or RATS (...
- 181
17
votes
1
answer
44k
views
UFW or IPTables on Ubuntu for OpenVPN?
I'm kind of a newbie in networking and Linux, and I always get confused over whether I should use UFW or IP Tables when restricting my internet connection to only use VPN. Looking around, I find there ...
- 303
16
votes
1
answer
109k
views
Open port on ubuntu 16.04
I cannot access my db remotely, The only thing i found out is the port 3306 is open for 127.0.0.1, I want it open globally. The error i receives on accessing db is No connection could be made because ...
- 215
16
votes
3
answers
33k
views
What do UFW's audit log entries mean?
I'm sometimes getting a lot of these AUDIT log entries in
...
[UFW AUDIT] IN= OUT=eth0 SRC=176.58.105.134 DST=194.238.48.2 LEN=76 TOS=0x10 PREC=0x00 TTL=64 ID=32137 DF PROTO=UDP SPT=36231 DPT=123 ...
- 447
15
votes
7
answers
9k
views
Block 1.4 million IP addresses on VPS
How can I block a list of about 1.4 million IP addresses? I've already tried to do it with iptables PREROUTING, like:
-A PREROUTING -d IP_HERE/32 -j DROP
But with this many records, my bandwidth goes ...
- 187
15
votes
4
answers
62k
views
15
votes
1
answer
6k
views
UFW Allows 22 for IPv4 and IPv6 but SSH Disconnects When Enabling
sudo ufw disable followed by sudo ufw enable kicks me out of SSH
DMESG reports
[UFW BLOCK] IN=eth0 OUT= MAC=30:........ SRC=192.168.1.me DST=192.168.1.server LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=...
- 921
14
votes
10
answers
169k
views
ssh connection refused
Hi I'm having a problem with my ssh, which is magically stopped working and I couldn't figure out why. The message it give is:
ssh: connect to host <host> port 22: Connection refused
I don't ...
- 605
14
votes
5
answers
30k
views
Disable logging of UFW BLOCKs in the kernel logs
I have a lot of these entries in my log:
Sep 22 12:20:23 server0187 kernel: [ 7.267934] [UFW BLOCK] IN=ens3 OUT= MAC=56:00:21:32:65:eb:fe:00:00:32:65:eb:08:99 SRC=113.69.80.129 DST=se.rv.er.ip LEN=...
- 241
14
votes
2
answers
33k
views
How do I find my firewall is blocking mysql?
I'm very new to Ubuntu. I couldn't able to connect to mysql via my programming language.
I know all my property file in my code is correct. But still I couldn't able to connect to mysql. I guess my ...
- 8,021
14
votes
1
answer
38k
views
MySQL server not accessible from remote machine
I have installed MySQL server in my local Ubuntu server (11.10). I can't connect to the server from a remote machine.
When I tried:- nmap localhost
, It shows the following
PORT STATE SERVICE
22/...
- 911