Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News:    Ethereum mailing list breach exposes 35,000 to crypto draining attack

Featured Deal: Upgrade your iPad with an Apple Magic Keyboard Folio for under $90

Latest Buyer's Guide:    Best web browsers with built in VPN: Boost online privacy

Generic User Avatar

Security issue with ufw

Started by Kristen3262 , Jun 12 2024 08:40 AM

  • Please log in to reply
9 replies to this topic

#1 Kristen3262

Kristen3262

  • Avatar image
  • Members
  • 4 posts
  • OFFLINE
    •  
  • Local time:08:46 AM

Posted 12 June 2024 - 08:40 AM

I am new to Linux and using Ubuntu desktop 24.04
When I enter sudo ufw status numbered I get back "enabled" and that's it.
This must be wrong. Is this possible?

BC AdBot (Login to Remove)

 

#2 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 35,304 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:USA
  • Local time:07:46 AM

Posted 12 June 2024 - 08:43 AM

Do you have any rules?

Edited by cryptodan, 12 June 2024 - 08:58 AM.

US Navy Veteran from 2002 to 2006

Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015

Arch Desktop - https://termbin.com/epij

Arch Laptop - https://www.termbin.com/dnwk

Ubuntu Server - https://termbin.com/zvra

#3 Kristen3262

Kristen3262
  • Topic Starter

  • Avatar image
  • Members
  • 4 posts
  • OFFLINE
    •  
  • Local time:08:46 AM

Posted 12 June 2024 - 08:45 AM

What is that?

#4 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 35,304 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:USA
  • Local time:07:46 AM

Posted 12 June 2024 - 08:58 AM

Rules not rukes.

US Navy Veteran from 2002 to 2006

Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015

Arch Desktop - https://termbin.com/epij

Arch Laptop - https://www.termbin.com/dnwk

Ubuntu Server - https://termbin.com/zvra

#5 The-Toolman

The-Toolman

  • Avatar image
  • Members
  • 3,599 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:USA
  • Local time:02:46 AM

Posted 12 June 2024 - 09:01 AM

I've always found the default settings to be enough.

 

To enable.

sudo ufw enable

To check status.

sudo ufw status verbose

This may be useful.

 

https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu

 


Last year we said, "Things can't go on like this", and they didn't, they got worse.

[Will Rogers]

 

There are two theories to arguing with a woman. Neither works.

[Will Rogers]

 

 

#6 Kristen3262

Kristen3262
  • Topic Starter

  • Avatar image
  • Members
  • 4 posts
  • OFFLINE
    •  
  • Local time:08:46 AM

Posted 12 June 2024 - 01:31 PM

Thank you.Can you tell me why the defaults listed in status verbose aren't considered rules by status numbered?

#7 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 35,304 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:USA
  • Local time:07:46 AM

Posted 12 June 2024 - 01:35 PM

Does it look like this:

sudo ufw status numbered
Output
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   DENY IN     203.0.113.100             
[ 2] Anywhere on eth0           ALLOW IN    203.0.113.102

US Navy Veteran from 2002 to 2006

Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015

Arch Desktop - https://termbin.com/epij

Arch Laptop - https://www.termbin.com/dnwk

Ubuntu Server - https://termbin.com/zvra

#8 Kristen3262

Kristen3262
  • Topic Starter

  • Avatar image
  • Members
  • 4 posts
  • OFFLINE
    •  
  • Local time:08:46 AM

Posted 12 June 2024 - 01:49 PM

No it just said "enabled"
Wouldn't it list the default rules?

#9 cryptodan

cryptodan

    Bleepin Madman


  • Avatar image
  • Members
  • 35,304 posts
  • OFFLINE
    •  
  • Gender:Male
  • Location:USA
  • Local time:07:46 AM

Posted 12 June 2024 - 02:17 PM

It would show this if you entered the command:

sudo ufw status
Output
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip

US Navy Veteran from 2002 to 2006

Masters in Computer and Digital Forensics Expert - Stevenson University Alumni 2015

Arch Desktop - https://termbin.com/epij

Arch Laptop - https://www.termbin.com/dnwk

Ubuntu Server - https://termbin.com/zvra

#10 h_b_s

h_b_s

  • Avatar image
  • Members
  • 105 posts
  • OFFLINE
    •  
  • Gender:Male
  • Local time:01:46 AM

Posted 12 June 2024 - 02:45 PM

Learning to read man(uals) pages, documentation, and other how-tos is absolutely essential for Linux (and any other Unix) administration, even if all you're doing is using it as a bog normal desktop.  It doesn't hurt with Windows and Mac, either. :P  But with Linux, you're far more likely to get someone to tell you to "RTFM" if you're asking an elementary question that's already answered in the utility's man page.  Also don't forget to "man man" for the man page on man itself.

 

https://manpages.ubuntu.com/manpages/noble/en/man8/ufw.8.html

status: show status of firewall and  ufw  managed  rules.  Use  "status  verbose"  for  extra information.

Look at the man page. It explains why you're seeing what you are:  status only shows ufw managed rules if there are any.  If there aren't any it only displays whether ufw is enabled or not.  Yes there are methods to have firewall rules that aren't managed by ufw.  Ufw is just one of several utilities used to manage the various ways the Linux kernel can have firewall rules set up.  The most common default set is a stateful firewall where uninitiated incoming traffic is blocked or dropped while permitting incoming traffic from known outgoing traffic, all outbound traffic allowed. Otherwise your programs would never receive the responses from DNS query, web browser requests, etc.


Edited by h_b_s, 12 June 2024 - 02:46 PM.

Back to Linux & Unix


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users


  1. BleepingComputer Forums
  2. Alternative Operating Systems Support
  3. Linux & Unix
  4. Privacy Policy
  5. Rules ·