OS is Trisquel 8.0 (Ubuntu 16.04 LTS derived), kernel 4.4.0-131-generic
I've reached the hair-tearing stage with ufw, which refuses to start up properly on system start. Have tried:
- Editing /etc/ufw/ufw.conf to force enabled state.
- Editing /usr/share/ufw/ufw.conf to force enabled state.
- Editing /etc/rc.local to add 'systemctl enable ufw'.
- Removing and reinstalling the ufw package.
After a restart, the service reports 'active' but is actually inactive.
# service ufw status
[green bullet] ufw.service - Uncomplicated firewall
Loaded: loaded (/lib/systemd/system/ufw.service; enabled; vendor preset: enabled)
Active: active (exited) since Wed 2018-08-15 12:33:36 NZST; 15min ago
Main PID: 389 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/ufw.service
Aug 15 12:33:36 alcatraz systemd[1]: Started Uncomplicated firewall.
# ufw status
Status: inactive
# ping google.co.nz
ping: unknown host google.co.nz
# service ufw start
# service ufw status
[green bullet] ufw.service - Uncomplicated firewall
Loaded: loaded (/lib/systemd/system/ufw.service; enabled; vendor preset: enabled)
Active: active (exited) since Wed 2018-08-15 12:33:36 NZST; 15min ago
Main PID: 389 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/ufw.service
Aug 15 12:33:36 alcatraz systemd[1]: Started Uncomplicated firewall.
# service ufw start
# ufw status
Status: inactive
# service ufw restart
# ufw status
Status: inactive
# ufw enable
Firewall is active and enabled on system startup
# ufw status
Status: active
To Action From
-- ------ ----
192.168.1.0/24 21 on enp2s0 ALLOW 192.168.1.0/24
...
192.168.1.0/24 21 ALLOW OUT 192.168.1.0/24 on enp2s0
...
# ping google.co.nz
PING google.co.nz (216.58.196.131) 56(84) bytes of data.
64 bytes from syd15s04-in-f3.1e100.net (216.58.196.131): icmp_seq=1 ttl=52 time=64.2 ms
I'm no doubt missing something simple, but extensive googling has not revealed anything that helped. Please help with suggestions as to how to diagnose what's going wrong, or even better, a fix! :)
