Questions tagged [firewall]
a technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts
125 questions
81
votes
12
answers
124k
views
How to control internet access for each program?
I would like to use a software to control which program may connect to the internet. I know that this behaviour is associated with the word "firewall", but some Linux users are very upset if somebody ...
31
votes
5
answers
23k
views
Is there a preinstalled or automatic firewall?
Does Ubuntu come with a preinstalled or automatic firewall? If not, do I need one?
I've read some articles about the advantages of Linux over other operating systems about security (no need to have ...
80
votes
5
answers
75k
views
Why is the firewall disabled by default?
Why is ufw firewall included in Ubuntu, when it is not enabled and pre-configured by default? Most users don't even know it is there, because no GUI frontend is provided.
48
votes
3
answers
103k
views
How can I make a specific set of iptables rules permanent?
Is there a "best practice" or standard to make a few iptables rules permanent? I mean: automatically applied upon a system reboot?
I am using a VPS with Ubuntu Server 10.04 LTS (Lucid Lynx).
Thank ...
21
votes
2
answers
37k
views
What could be the cause for these strange UFW block entries in my syslog?
I've recently noticed a large number of recurring UFW blocks in my syslog. This surprised me as I have no UFW rules set:
$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (...
56
votes
2
answers
108k
views
how do you create an app profile for ufw?
Ufw has a command that lists out profiles to which you can further explore their profile definitions
$ ufw app list
And
$ ufw app PROFILE {app profile title}
I was wondering how you can create a ...
15
votes
1
answer
6k
views
UFW Allows 22 for IPv4 and IPv6 but SSH Disconnects When Enabling
sudo ufw disable followed by sudo ufw enable kicks me out of SSH
DMESG reports
[UFW BLOCK] IN=eth0 OUT= MAC=30:........ SRC=192.168.1.me DST=192.168.1.server LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=...
12
votes
1
answer
4k
views
Do I need to activate the firewall? I only use Ubuntu for a home desktop use?
I am a novice at Ubuntu (12.04). I have it on my netbook which I use mainly for surfing the net, learning python and remote desktop into my work computer.
Do I need to enable a Firewall type ...
11
votes
3
answers
3k
views
How can a non-geek set up a proper firewall?
Maybe a non-geek that knows of the existence of a firewall is already some kind of a nerd. If you have been a windows-user then it was rather easy to set up a firewall (I don't know if it was a good ...
18
votes
4
answers
105k
views
How do I with ufw deny all outgoing ports excepting the ones I need?
I did the following: ufw default deny outgoing, sudo ufw allow out 80 which I thought would let me use the Internet but didn't. Can y'all help?
Also are there any other ports used by Ubuntu for which ...
8
votes
1
answer
10k
views
I can't use ufw on WSL-Ubuntu
I use Windows 10 home (build 17134.471) with WSL-Ubuntu 16.04 (xenial).
I executed apt update -y && ufw --force enable and got the following trace (I don't know what it means - maybe some ...
5
votes
1
answer
4k
views
UFW occasionally blocking HTTPS (443/TCP) although configured to allow that port on Ubuntu 16.04
On my Ubuntu 16.04 machine, I have configured UFW like this:
$ sudo apt-get install ufw
$ sudo ufw limit 22/tcp
$ sudo ufw allow 80/tcp
$ sudo ufw allow 443/tcp
$ sudo ufw enable
Now if I run sudo ...
1
vote
1
answer
2k
views
How to stop the synattack?
I have done everything to stop this kind of DDoS.
I have set sysctl as follows:
# IP Spoofing protection
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
# Ignore ICMP ...
120
votes
5
answers
170k
views
See configured rules even when inactive
I'm wondering if it's possible to get UFW to list the configured firewall rules even when it's not enabled. I only have ssh access to the server at this time, and I don't want to enable UFW if there's ...
109
votes
11
answers
80k
views
Uncomplicated Firewall (UFW) is not blocking anything when using Docker
This is my first time setting up an Ubuntu Server (14.04 LTS) and I am having trouble configuring the firewall (UFW).
I only need ssh and http, so I am doing this:
sudo ufw disable
sudo ufw reset
...
37
votes
6
answers
204k
views
How to enable ufw firewall to allow icmp response?
I have a series of Ubuntu 10.04 servers and each one has ufw firewall enabled. I have allowed port 22 (for SSH) and 80 (if it's a webserver). My question is that I am trying to enable icmp echo ...
30
votes
1
answer
78k
views
ufw delete all rules
I'm trying to understand and build my own firewall for the first time.
I'm very new to this kind of things.
I came up to ufw and added some rules to test it.
Is there any way of deleting all the ...
27
votes
3
answers
7k
views
What automated intrusion notification/detection setup is good for home desktop use?
I've been using Linux for quite a while now and I always feel the need to have a passive software / script setup which can alert me of any suspicious network activities like scans, failed login ...
27
votes
2
answers
93k
views
How can set these iptables rules to run at startup
I usually run my iptables rules whenever I login. From the terminal I type:
sudo sh firewall.sh
Setting up my sister's computer, I want to give her some basic firewall protection. She won't be ...
25
votes
11
answers
65k
views
Ubuntu 18.10 stuck on "Started bpfilter" while booting
Today I have updated from my Ubuntu 18.04 to 18.10 by software upgrade app (couldn't wait till tomorrow 😆). It took a bit of time, but at the end of it I was asked to restart my PC. Upon restarting, ...
20
votes
3
answers
36k
views
Can't connect to PPTP VPN with ufw enabled on Ubuntu 14.04 with kernel 3.18
Suddenly the VPN disconnected and can no longer reconnect on kernel 3.18.1, so I tried to install kernel 3.18.2, but my problem still exists. But I can connect to the VPN with the 3.14 kernel easily.
The output of ...
17
votes
5
answers
44k
views
Block China with iptables
I just logged in on a GitLab server and noticed that it had 18.974 failed logins since I last checked the server - almost 5 days. I checked the IPs and it seems that almost all of them were from ...
14
votes
5
answers
30k
views
Disable logging of UFW BLOCKs in the kernel logs
I have a lot of these entries in my log:
Sep 22 12:20:23 server0187 kernel: [ 7.267934] [UFW BLOCK] IN=ens3 OUT= MAC=56:00:21:32:65:eb:fe:00:00:32:65:eb:08:99 SRC=113.69.80.129 DST=se.rv.er.ip LEN=...
11
votes
2
answers
9k
views
How to disable internet for a user on a system
I know about changing owners/permissions on particular programs/files, but how can I control which users have access to the network card (NIC) or have the power to create network sockets?
10
votes
6
answers
10k
views
Do I need a firewall for my desktop? [duplicate]
I don't have a router, but I mostly use my desktop for online shopping and torrenting. So, do I have to enable the firewall? I hope not, because I'm really dumb and I don't think I will be able to ...
9
votes
10
answers
38k
views
Ubuntu 18.04 Login window loop
Is there any reason the login window would stop working and start looping? I'm running 18.04. I normally RDP into the ubuntu box, but that isn't working now. Using a keyboard and mouse, I see my ...
8
votes
3
answers
10k
views
Why is ufw logging 'BLOCK' messages regarding a port for which ufw is configured to 'ALLOW' connections?
Here's an example log message:
May 25 10:36:07 myserver kernel: [7057243.392334] [UFW BLOCK] IN=eth0 OUT= MAC=00:02:55:67:82:eb:00:06:b1:3a:ef:62:08:00 SRC=69.197.128.26 DST=192.168.100.101 LEN=44 ...
6
votes
1
answer
29k
views
Port forwarding with UFW
I realize UFW is mainly just for enabling/disabling access on particular ports, but I'm trying to forward one port to another. I want any connection to port 1724 to be forwarded to 1723.
The file /...
2
votes
1
answer
3k
views
Is it ok to manually update a ufw profile?
I am new to linux server management and want to move my OpenSSH ufw profile to listen on port 4444 instead of port 22 when I enable the firewall.
So I am accomplishing this by updating the profile at
...
-9
votes
2
answers
4k
views
I think my PC is being hacked. What should I do? [closed]
I'm afraid I'm being hacked: My Ubuntu is receiving inbound traffic while my PC is disconnected from Ethernet and WIFI, so my question is, how am I receiving inbound traffic? I even have a firewall ...
70
votes
5
answers
143k
views
How can I open a range of ports in ubuntu using (g)ufw
I have to open up a group of ports.
Adding the single ports to (g)ufw was easy enough but I can't work out how to open the range 11200-11299.
How do I do that?
45
votes
5
answers
62k
views
How to block internet access for wine applications?
How can one prevent specific or any wine applications from accessing the internet?
When using certain applications under Windows, they were trying to access the internet from time to time without ...
40
votes
4
answers
161k
views
How to configure UFW to allow IP Forwarding?
I have UFW, OpenVPN and Virtualbox installed on my home server. I have a host-only network for my virtual machine guests (vboxnet0) set up with the IP range 10.0.1.0, and another IP range of 10.0.0.0 ...
21
votes
4
answers
11k
views
Is there any Application level firewall for Ubuntu 16.04? (with GUI)
I must confess that I'm very new to Linux world, and there are concepts that seem very unfamiliar to me.
One thing I miss the most is a good yet simple application level firewall. As of now, with all ...
15
votes
4
answers
62k
views
How can I block ping requests with IPTables?
and stealth specific ports?
14
votes
10
answers
169k
views
ssh connection refused
Hi, I'm having a problem with my ssh, which has magically stopped working and I couldn't figure out why. The message it gives is:
ssh: connect to host <host> port 22: Connection refused
I don't ...
13
votes
7
answers
24k
views
UFW is not logging how do I troubleshoot?
I have set logging to high.
I am not seeing any log messages.
I do see the empty ufw.log file.
No messages in dmesg
12
votes
2
answers
17k
views
How do I allow local IPv6 subnets in ufw?
I recently got IPv6 connectivity at home and now I would like to allow connections to my home server via IPv6 from the LAN only. The trick is that the IPv6 address/prefix assigned to the server is ...
7
votes
1
answer
32k
views
Whitelist IPs for ufw
I have set some rules in ufw to rate limit connections, as such:
-A ufw-user-input -p tcp --dport 25 -m state --state NEW -m recent --set
-A ufw-user-input -p tcp --dport 25 -m state --state NEW -m ...
6
votes
3
answers
17k
views
Why UFW has to be (re)started at boot time if it's only iptables rule manager?
README from source package says:
When installing ufw from source, you will also need to integrate it into your
boot process for the firewall to start when you restart your system. Depending
on your ...
6
votes
3
answers
5k
views
UFW not blocking connections to docker instance
I have a webservice running inside a docker instance which was run using the following command:
sudo docker run -d -p 4040:4040 ....
My UFW rules look like this:
~ sudo ufw status
Status: active
...
6
votes
1
answer
33k
views
using ufw to block outgoing traffic to website
I want to block traffic to a specific domain e.g. mysite.com. I tried blocking the ip address of the site but it does not work:
ufw deny from 0.0.0.0 to ip_address_of_site
I am still able to access ...
5
votes
2
answers
26k
views
Which port does Ubuntu Software Center use?
I have installed the gufw firewall utility and want to make a whitelist of ports (want maximum security, but whitelisting single IPs is currently too tedious). I have so far only entered ports 53 (for ...
5
votes
1
answer
23k
views
Ubuntu UFW 3x specific IP addresses only to access a specific port
I need to use UFW to allow only 3x different IP addresses to connect on a specific port.
Ex:
IP address [1] - 111.111.111.111
IP address [1] - 222.222.222.222
IP address [1] - 333.333.333.333
on a ...
4
votes
1
answer
1k
views
Could someone tell me whether my OS is communicating with the internet?
I edited iptables so that when the VPN service is disconnected, no program will access the internet.
Well, I did an experiment. I disconnected the VPN service manually and immediately did a ping by ...
4
votes
1
answer
3k
views
How to configure a firewall that only allows a few webpages and dropbox and U1 services?
Can anyone give a step-by-step how-to that explains how to
block all outgoing internet traffic to all websites, but allows only a selected list (needed for working, fi. online dictionaries)
allows ...
2
votes
2
answers
2k
views
Do I need iptables or ufw if I have gufw?
On my Ubuntu computer I have iptables, ufw and gufw installed, but I am trying to figure out if I need to remove one, so I did an experiment and removed iptables and I saw ufw and gufw were removed ...
2
votes
2
answers
7k
views
how do I enable firewall zones for NetworkManager
I am trying to use the default network manager for ubuntu 13.10 to connect to networks. Despite any config changes for example, enabling UFW, does not allow for the changing of this profile scheme. It ...
2
votes
1
answer
2k
views
Correctly limit IP connections
I asked many questions about this same subject, for example: here, and here.
The answer said I should set up the rule like this:
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ...
2
votes
1
answer
7k
views
Kernel 4.8 UFW and SMB not working together
Good day, I recently encountered a strange error regarding samba shares. I set up the shared directories on multiple computers on my home network. I enabled ufw and added samba rule with 'ufw allow ...