2
1
- Every time I restart my computer, and check the status of the UFW firewall (
sudo ufw status
), it is disabled, even if I then enable and restart it. - I tried putting
sudo ufw enable
as one of the startup applications but it asks for the sudo password every time I log on, and I'm guessing it does not protect anyone else who logs on my computer.
How can I setup ufw so it is activated when I turn on my computer, and protects all accounts?
Update
I just tried /etc/init.d/ufw start
, and it activated the firewall. Then I restarted the computer, and again it was disabled.
content of /etc/ufw/ufw.conf
# /etc/ufw/ufw.conf
#
# set to yes to start on boot
ENABLED=yes
# set to one of 'off', 'low', 'medium', 'high'
LOGLEVEL=full
content of /etc/default/ufw
# /etc/default/ufw
#
# Set to yes to apply rules to support IPv6 (no means only IPv6 on loopback
# accepted). You will need to 'disable' and then 'enable' the firewall for
# the changes to take affect.
IPV6=no
# Set the default input policy to ACCEPT, ACCEPT_NO_TRACK, DROP, or REJECT.
# ACCEPT enables connection tracking for NEW inbound packets on the INPUT
# chain, whereas ACCEPT_NO_TRACK does not use connection tracking. Please note
# that if you change this you will most likely want to adjust your rules.
DEFAULT_INPUT_POLICY="DROP"
# Set the default output policy to ACCEPT, ACCEPT_NO_TRACK, DROP, or REJECT.
# ACCEPT enables connection tracking for NEW outbound packets on the OUTPUT
# chain, whereas ACCEPT_NO_TRACK does not use connection tracking. Please note
# that if you change this you will most likely want to adjust your rules.
DEFAULT_OUTPUT_POLICY="ACCEPT"
# Set the default forward policy to ACCEPT, DROP or REJECT. Please note that
# if you change this you will most likely want to adjust your rules
DEFAULT_FORWARD_POLICY="DROP"
# Set the default application policy to ACCEPT, DROP, REJECT or SKIP. Please
# note that setting this to ACCEPT may be a security risk. See 'man ufw' for
# details
DEFAULT_APPLICATION_POLICY="SKIP"
# By default, ufw only touches its own chains. Set this to 'yes' to have ufw
# manage the built-in chains too. Warning: setting this to 'yes' will break
# non-ufw managed firewall rules
MANAGE_BUILTINS=no
#
# IPT backend
#
# only enable if using iptables backend
IPT_SYSCTL=/etc/ufw/sysctl.conf
# extra connection tracking modules to load
IPT_MODULES="nf_conntrack_ftp nf_nat_ftp nf_conntrack_irc nf_nat_irc"
Update
Followed your advise and ran update-rc.d with no luck.
lester@mcgrath-pc:~$ sudo update-rc.d ufw defaults
update-rc.d: warning: /etc/init.d/ufw missing LSB information
update-rc.d: see <http://wiki.debian.org/LSBInitScripts>
Adding system startup for /etc/init.d/ufw ...
/etc/rc0.d/K20ufw -> ../init.d/ufw
/etc/rc1.d/K20ufw -> ../init.d/ufw
/etc/rc6.d/K20ufw -> ../init.d/ufw
/etc/rc2.d/S20ufw -> ../init.d/ufw
/etc/rc3.d/S20ufw -> ../init.d/ufw
/etc/rc4.d/S20ufw -> ../init.d/ufw
/etc/rc5.d/S20ufw -> ../init.d/ufw
lester@mcgrath-pc:~$ ls -l /etc/rc?.d/*ufw
lrwxrwxrwx 1 root root 13 2009-12-20 20:34 /etc/rc0.d/K20ufw -> ../init.d/ufw
lrwxrwxrwx 1 root root 13 2009-12-20 20:34 /etc/rc1.d/K20ufw -> ../init.d/ufw
lrwxrwxrwx 1 root root 13 2009-12-20 20:34 /etc/rc2.d/S20ufw -> ../init.d/ufw
lrwxrwxrwx 1 root root 13 2009-12-20 20:34 /etc/rc3.d/S20ufw -> ../init.d/ufw
lrwxrwxrwx 1 root root 13 2009-12-20 20:34 /etc/rc4.d/S20ufw -> ../init.d/ufw
lrwxrwxrwx 1 root root 13 2009-12-20 20:34 /etc/rc5.d/S20ufw -> ../init.d/ufw
lrwxrwxrwx 1 root root 13 2009-12-20 20:34 /etc/rc6.d/K20ufw -> ../init.d/ufw
please edit your question and include the content of the
/etc/default/ufw
and/etc/ufw/ufw.conf
files. also, which ubuntu version are you using? – quack quixote – 2009-11-28T20:10:54.317I am using Ubuntu 9.10. Upgraded from 9.04 by way of "Update Manager". – lamcro – 2009-11-28T21:01:33.107