I'm following instructions to automate the installation of Ubuntu Server 12.04 using kickstart. It works well for automatically partitioning the drives, selecting languages etc. However, it doesn't configure the firewall. It is a known issue.
Running without a firewall isn't a good idea. How does one configure the UFW firewall during installation to prevent unauthorized access to the server?
The kickstart file I have looks as follows (with only the username changed)
#System language
lang en_US
#Language modules to install
langsupport en_US
#System keyboard
keyboard us
#System mouse
mouse
#System timezone
timezone America/Los_Angeles
#Root password
rootpw --disabled
#Initial user
user johnd --fullname "John Doe" --iscrypted --password <omitted>
#Reboot after installation
reboot
#Use text mode install
text
#Install OS instead of upgrade
install
#Use CDROM installation media
cdrom
#System bootloader configuration
bootloader --location=mbr
#Clear the Master Boot Record
zerombr yes
#Partition clearing information
clearpart --all --initlabel
#Disk partitioning information
part / --fstype ext4 --size 1 --grow
part swap --recommended
#System authorization infomation
auth --useshadow --enablemd5
#Network information
network --bootproto=dhcp --device=eth0
#Firewall configuration
firewall --enabled --trust=eth0 --ssh
#Do not configure the X Window System
skipx
UPDATE
I added the following the file above:
%post
mkdir /usr/sample
ufw enable
ufw allow 22
After the installation, the directory /usr/sample
exists, but the firewall is still disabled and access to port 22 isn't allowed.