All Questions
198 questions
0 votes, 0 answers, 57 views
UFW not logging [UFW BLOCK] events when default is to allow incoming connections
I'm trying to get a message logged to /var/log/ufw.log when blocking packets. It's all working very well, until I change the default behaviour for incoming connections.
I use ufw default allow ...
0 votes, 0 answers, 111 views
Nginx configuration failure: iptables table does not exist
I tried to configure nginx on my Ubuntu system. During this process, I executed the command sudo ufw allow 'Nginx HTTP' and I got an error:
WARN: initcaps
[Errno 2] iptables v1.8.7 (legacy): can't ...
0 votes, 1 answer, 80 views
ufw won't put custom rule in the correct place at reboot
My general issue is that I lose contact with my Ubuntu 23.10 on ssh once I close my ports using knockd. I would like for it to maintain existing connections.
I have a custom rule
> iptables -I ...
0 votes, 0 answers, 128 views
Still getting [UFW BLOCK], which rules apply?
I still get a message UFW BLOCKED:
Dec 22 05:12:41 ge-domoticz kernel: [5324365.003868] [UFW BLOCK] IN=eth0 OUT= MAC=b8:27:eb:a1:7b:8b:38:1f:8d:e9:e4:9f:08:00:45:00:00:28:92:8c:00:00:ff:06:2f:d4 SRC=...
0 votes, 0 answers, 348 views
Ubuntu 22.04 iptables command not working
I posted this same question in another SE forum, later felt this forum is more appropriate considering the Linux Distro I am dealing with.
Totally new to netfilter thing, currently am running an ...
0 votes, 0 answers, 30 views
I'm attempting to execute a Flask test file, but when attempting to access it through the browser, an error stating that the site cannot be reached
I have tried creating an inbound rule in my firewall to allow port <5000> but it's still showing site cannot be reached.
I have also tried to check UFW (Uncomplicated Firewall) with this command
'...
0 votes, 0 answers, 286 views
Setting up a reverse proxy on home lab
I'm very new to Linux and bash. I'm working on a homelab (machine a) project.
My ultimate goal is to set up Nginx on my server and connect externally (machine c) to Docker apps File Browser, possibly ...
0 votes, 1 answer, 664 views
Ubuntu Router configuration with UFW
Going down the ubuntu 20.04 server route and using UFW.
Steps so far (from a clean install)
Network Layout attached
networking configured with netplan - YAML file below - question here is do I need ...
0 votes, 0 answers, 288 views
UFW allow all IP from ASN
How to allow access to ubuntu with UFW firewall for all addresses belonging to one ICT provider with its ASN number (Is it possible?)?
1 vote, 0 answers, 608 views
wireguard + ufw = unable to limit access to specific port
So I'm trying to limit access to port 5432 (postgres) by using ufw and am unable to do so. The connection is still allowed.
sudo ufw deny 5432/tcp
sudo ufw route deny in on wg0 from 10.0.10.2
root@vpn-...
1 vote, 0 answers, 910 views
How to allow SSH only from WireGuard and one IP
This is a production server and I need to add rules very carefully; I'm not sure what the correct rule is.
Currently my UFW rules allow SSH connection from any IP and from WireGuard, also my own IP (YYY.YYY....
0 votes, 0 answers, 100 views
UFW on ubuntu virtual router not blocking correct traffics
I have a virtual router running on Ubuntu Server 22.04. The virtual router has two ethernet interfaces enp1s0 and enp2s0. The interface enp1s0 is connected to the external network and the interface ...
0 votes, 1 answer, 363 views
Can not block torrent traffic in my Ubuntu 22.04 vps
I have an Ubuntu 22.04 VPS on which I want to block all torrent traffic.
I tried iptables with these commands:
iptables -I FORWARD -m string --algo bm --string "BitTorrent" -j DROP
iptables ...
0 votes, 0 answers, 1k views
UFW allow rule with destination and port
Setting up the UFW firewall on Ubuntu, I wish to allow connections on port 22 from my local network only. I use the following command:
ufw allow from 192.168.1.0/24 to any port 22
For me it is unclear in the part &...
0 votes, 1 answer, 964 views
UFW - Port is reachable for everyone although only certain IP's are opened
I run an Ubuntu 22.04 server on a VPS with a current version of UFW.
Further, I run a Docker instance with Firefox - https://hub.docker.com/r/jlesage/firefox
The port is routed to 5800 to access this ...
3 votes, 0 answers, 5k views
How to check if ip forwarding is enabled
I have 2 VPS services from 2 different providers and I want to use iptables for prerouting.
I can do it easily on one but can't do it on the other one. I have read almost all the articles and tried them but ...
0 votes, 0 answers, 282 views
Add custom iptables rule to UFW to be persistent
I would like to add the following rule to block the access for a specific user in Ubuntu 22.04 and persist whenever UFW is on. Is there a mechanism to do this while playing nicely with the UFW?
-A ...
1 vote, 1 answer, 516 views
How to drop an existing connection on Ubuntu 20.04 server?
I executed the following command to ban them. But it didn't work. It only works when there is a new connection from that IP.
sudo ufw insert 1 deny from 46.1.67.244 to any && sudo ufw reload
...
0 votes, 1 answer, 370 views
My Ubuntu Server Ports got locked
I just tried to join to my Jenkins on my VPS as usual. When I try to access the URL it returns the error code ERR_CONNECTION_TIMED_OUT. This happens as well with port 8080 for my website and other ...
0 votes, 1 answer, 686 views
Should I be concerned about these UFW blocked traffic?
I just installed ufw on a newly provisioned Ubuntu 22.04 Server. It is currently set up to deny all traffic except ssh on an alternate port.
I'm getting this pattern of blocked traffic:
Oct 6 10:09:...
1 vote, 0 answers, 67 views
Link process to connections blocked by UFW
I have an UFW setup with by default all incoming and outgoing connections blocked, and allow only to/from a wireguard interface. All services are working, but in /var/log/ufw.log, there's repeated TCP ...
0 votes, 1 answer, 387 views
SMTP IP forwarding to another machine
Apologies if this is a silly mistake; this is the first time I've had to set up port forwarding. I have two machines. I have one machine set up as a DMZ (192.168.0.67) when all traffic inbound will hit ...
0 votes, 1 answer, 476 views
Translate iptables rule to UFW
I need to translate these rules:
iptables -A firewall -p udp --dest 239.250.0.0/16 -j ACCEPT
iptables -A firewall -p igmp --dest 239.250.0.0/16 -j ACCEPT
To UFW rules. Don't know how to set -A -dest -j....
0 votes, 1 answer, 728 views
UFW ALLOW rules not working and being ignored
We're setting up some zero trust environments and are needing to block all incoming and outgoing ports, except for allowing the office IP to go in (for administrative purposes), and port 80 and 443 to ...
4 votes, 1 answer, 9k views
22.04 - ufw/ip tables could not fetch rule set
I'm trying to get UFW up and running on a Raspberry Pi 4 running Ubuntu server 22.04. But I am at a loss.
# via SSH session:
~$ sudo ufw status
ERROR: problem running iptables: iptables v1.8.7 (...
0 votes, 0 answers, 646 views
How to remove request limit in ufw / iptables
I have a flask script that handles incoming requests. There can be a lot of such requests in a short period of time, however, if I understand correctly, then initially the firewall has some kind of ...
0 votes, 0 answers, 808 views
Firewall allows only port 22 but I can still curl via http. Need help
I am struggling to get the Ubuntu firewall working as desired.
I have set up a Database on an Ubuntu 20.04.3 LTS. I would like to be able to block request such as curl -G --data-urlencode "...
0 votes, 0 answers, 208 views
Port 8090 seems closed even though it's open
I installed Jenkins on port 8090, tried disabling ufw and doing ufw allow 8090.
yougetsignal.com is still showing that port as closed, and trying to open the jenkins webapp results in a timeout error.
...
1 vote, 0 answers, 914 views
What does rule section ufw-not-local do?
While using ufw for my Ubuntu 22.04, I try to understand the iptables structure behind it. What concerns me specifically is this snippet taken out of /etc/ufw/before.rules:
#
# ufw-not-local
#
-A ufw-...
0 votes, 1 answer, 858 views
Ubuntu Server 20.04 random ports are timing out, and I don't know why
I need to access a webserver on my Ubuntu Server 20.04 installation. For a test, I set up a webserver using sudo python3 -m http.server <port>. It works fine for a bunch of ports, like 8000, 443,...
1 vote, 1 answer, 6k views
Incoming connections getting blocked on some ports with no firewall rules Ubuntu server
I'm a relatively inexperienced Linux user and I'm having issues with connections to my machine.
I'm using Ubuntu Server 20.04 LTS
I have a web server, a samba server, a game server and a ssh server ...
2 votes, 2 answers, 6k views
How to open port to outside world?
I have a remote server with an IP - 111.222.333.444
I want to run an http server on that machine, that runs on localhost:8000
How can I make requests to 111.222.333.444:6000 from outside, from my hope ...
1 vote, 1 answer, 640 views
How do I use UFW to block a device in Ubuntu hotspot?
I have a laptop running Ubuntu 20.04, which connected to the internet via ethernet.
I have setup a WiFi hotspot on this machine, so that I can share its internet connection.
Say, I have third device (...
0 votes, 0 answers, 347 views
Port 80 showing as filtered, ufw inactive
sudo nmap -sS 3.139.146.153
PORT STATE SERVICE
22/tcp open ssh
25/tcp filtered smtp
80/tcp filtered http
443/tcp open https
3306/tcp open mysql
7000/tcp open afs3-...
1 vote, 0 answers, 3k views
How do I open ports 443 and 8080 on a virtual Ubuntu Server 20.04.3?
I am running Ubuntu 20.04.3 server as a virtual server.
My virtual server was virtualized with VMware and the delivery was automatic.
I'm going to set it to use outline and
I have to open ports 443 ...
1 vote, 1 answer, 1k views
Prevent routing of DHCP traffic
First, I'm aware that similar questions to mine have been asked elsewhere (I've read many of those posts!) but I've not been able to figure out a solution to my problem, so I'm asking for help.
My ...
0 votes, 0 answers, 312 views
How to open port 990 on Ubuntu
I am not able to connect to my server using FTPS. I noticed that port 990 is not open. When I try to connect to my server on port number 990 I get the following:
telnet myip 990
Connecting To myip......
1 vote, 1 answer, 2k views
ip forward to another interface with ufw doesn't work
I'm trying to setup an IP forward. Cannot manage to make it work.
The goal is to receive a connection on interface1 (IP on this interface is 192.168.101.3) port 4443, and send it through interface2 to ...
2 votes, 1 answer, 5k views
Problem running ufw on Ubuntu 20.04.3
I'm new to Ubuntu and to try it out I've installed the Ubuntu app from the Microsoft Store and am running it on my Windows 10 laptop. I tried to enable the UFW but I got this:
:~$ sudo ufw enable
ERROR: ...
9 votes, 2 answers, 18k views
Ubuntu 21.10 switched to nftables, so why is iptables still available?
According to 21.10 release notes:
nftables is now the default backend for the firewall.
However, having installed Ubuntu 21.10, I can see I still have iptables (and ufw) installed by default:
m@m-...
1 vote, 0 answers, 277 views
Why is ufw not blocking traffic from 169.254.169.254:179?
My ufw is enabled and only permits ssh and wireguard:
# ufw status
Status: active
To Action From
-- ------ ----
22/tcp ...
0 votes, 0 answers, 248 views
Ubuntu server UFW issues
I was sending requests to my server using postman. Then, something went wrong and all of my requests were blocked. Now, I can't send requests or even access the server using the IP address unless I ...
1 vote, 1 answer, 4k views
Unable to add rules to /etc/ufw/before.rules and before6.rules
I run a high-traffic NTP server and the following rules are absolutely necessary to prevent my conntrack table from being immediately overrun (regardless of how large it is):
iptables -t raw -A ...
0 votes, 1 answer, 3k views
why does UFW block ICMP destination-unreachable messages despite apparently having rules to allow them?
Ubuntu 20.04.2 LTS, I am running UFW with mostly default configuration, have allowed some ports through with "ufw allow" but haven't done any manual blocking or config files editing.
I was ...
0 votes, 1 answer, 619 views
IPTABLES/UFW: Deny ssh (on alternate port) requests from WAN, and allow ssh (on alternate port) from LAN. HOW TO?
I am running Ubuntu server version 20.04. I have configured my ssh server to listen on an alternate port (port 40001) in my sshd_config file. I want to allow incoming traffic from anywhere on my local ...
4 votes, 0 answers, 670 views
UFW status is getting problem running iptables
I want to use UFW (version 0.36) but I get this error when running ufw status:
ERROR: problem running iptables: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?...
2 votes, 1 answer, 564 views
Redirect Network Traffic
I host a Minecraft server at home that I use to play with friends, which they all use to connect to via an OpenVPN server.
The OpenVPN server has the IP (A.A.A.A) and the IP range for the VPN itself ...
2 votes, 0 answers, 1k views
ufw block error seen in journalctl -xe command
I'm a newbie in networking and system security. I am trying to create an openconnect server, for which the tutorial is found in this link. I have also seen similar issues like this one, but they don't make ...
0 votes, 1 answer, 5k views
Cannot open port 3001 to local IPV4 ubuntu lts 20.04
I'm creating a back end app with NodeJs. My app is running on port 3001. It is accessible when I try to access it with localhost:3001 or 0.0.0.0:3001 or 127.0.0.1:3001, but when I try to access it with ...
0 votes, 1 answer, 7k views
How can I block outgoing traffic to a domain with all subdomains with UFW or IPTABLES?
I need to block all outgoing traffic to a domain with all its subdomains.
I tried to do something like this:
sudo ufw deny out from any to *.domain.com
but of course it doesn't work because it needs ...