1

Scenario: I am on a remote server, and if I set up UFW incorrectly, then I will be locked out without chance for easy recovery. So I want to start ufw and see if it works. If it doesn't, then I want to restart the server and have ufw disabled. Note that the server mounts its file system via NFS, and if that gets blocked, the system is dead.

I tried:

systemctl start ufw

While systemctl status ufw reports that it is active, ufw status says:

Status: inactive

When I run ufw enable, then UFW will be enabled on the next boot as well, which is exactly what I don't want.

feklee
  • 505
  • 3
  • 18

1 Answers1

0

One way to do this is to use e.g. screen.

  1. Start screen
  2. Run sleep 300; sudo ufw disable
  3. Press Ctrl+a c to create a new window.
  4. Run whatever ufw commands you want.
  5. If you loose access, simply wait five minutes for ufw to be disabled.
  6. If it works, go back to previous window with Ctrl+a Space and press Ctrl+c to kill the command before it executes.
vidarlo
  • 3,775
  • 1
  • 12
  • 25
  • I was thinking about this, but if the firewall cuts of NFS, then `ufw` will not be found after the sleep. – feklee Sep 03 '21 at 11:58