Live Chat Software by Kayako
Knowledgebase: Network Configuration
Cach sua loi firewall on ubuntu dang khong start
Posted by Thang Le Toan on 29 April 2017 02:28 AM

UFW inactive at startup

I have enabled UFW with default values of Deny for Incoming and Allow for outgoing. However, after every startup, when I run <sudo ufw status> the reply is 'inactive'. This was on original 10.04 that I installed last week. I did a complete update today, and the behaviour is the same. Am I doing something wrong, do I need to issue a command to make the setting stick?

A related question about the system update: the startup screen now presents the updated kernel as a system I can load, as well as the old kernel. Is this normal? I would have expected the update would have replaced the kernel.
=================>
Code:
grep ^ENABLED /etc/ufw/ufw.conf
sudo service ufw start
sudo ufw status
cat /etc/init/ufw.conf


================>
sudo ufw enable



How To: Ubuntu Linux Firewall Open Port Command

How do I open port 80 and 443 on a Ubuntu Linux LTS version 14.04 server?

Ubuntu Linux server comes with firewall configuration tool called ufw (Uncomplicated Firewall). It is the default tool. ufw is very easy to use and configure host based firewall settings. This program is for managing a Linux firewall and aims to provide an easy to use interface for the user. For example:

  1. You can open/close ports.
  2. Block an IPv4/IPv6 address.
  3. Delete existing firewall rules.
  4. Turn on or off firewall logs.
  5. And more.

How do I see the current status of my firewall?

Type the following command:
sudo ufw status verbose
Sample outputs:

=============================

How do I open tcp port # 22?

To allow incoming tcp packets on port 22, enter:
sudo ufw allow 22/tcp
Verify it:
sudo ufw status verbose

How do I open tcp port # 80 and 443?

The service specific syntax is as follows to open http and https service ports:
sudo ufw allow http
sudo ufw allow https

OR
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

How do I open tcp and udp port # 53?

To allow incoming tcp and udp packet on port 53, enter:
sudo ufw allow 53
Verify it:
sudo ufw status verbose

Advanced examples

To allow IP address 192.168.1.10 access to port 22 for all protocols
sudo ufw allow from 192.168.1.10 to any port 22
Open port 74.86.26.69:443 (SSL 443 nginx/apache/lighttpd server) for all, enter:
sudo ufw allow from any to 74.86.26.69 port 443 proto tcp
To allows subnet 192.168.1.0/24 to Sabma services, enter:
ufw allow from 192.168.1.0/24 to any app Samba
You can find service info as follows:
sudo ufw app list
Sample outputs:

Available applications:
  Nginx Full
  Nginx HTTP
  Nginx HTTPS
  Squid

To get information on Squid profile/app, run:
ufw app info Squid
Sample outputs:

Profile: Squid
Title: Squid proxy cache
Description: Internet object cache (WWW proxy cache)
 
Ports:
  2048,3128,3130,3401,4827/tcp

See ufw command man page for more info.

 

(0 vote(s))
Helpful
Not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).

Help Desk Software by Kayako