Questions tagged [ufw]
Uncomplicated Firewall is a firewall configuration tool for Linux. It acts as a frontend to iptables. Originally designed for Ubuntu, it is available on many Linux distributions.
489 questions
-1 votes, 0 answers, 31 views
Set UFW from list of Windows Defender rules
I want to adapt these firewall rules to UFW:
Direction | Protocol | Local Port | Remote Port | Local Scope | Remote Scope | Action
inbound | TCP | * | * | * | 10.122.0.0/255.255.0.0, 10.129.0.0/255.255.0.0, 10.135.0.0/...
0 votes, 2 answers, 149 views
Abuse complaints on my Hetzner VPS
I have a Hetzner VPS and received an abuse complaint from a website owner that Hetzner forwarded to me. There have been a significant number of connections from multiple IP addresses from my server ...
1 vote, 1 answer, 52 views
Can UFW log rule changes?
Is there a way to make UFW log changes made to firewall rules over time?
I have some automated tooling that temporarily blocks IP addresses from time to time and there seems to be a foot-gun in there ...
0 votes, 0 answers, 70 views
UFW rules allow traffic from any IP to ports 80 and 443 despite specific deny rules
I am configuring UFW on my server to restrict HTTP (port 80) and HTTPS (port 443) traffic to a specific IP address while denying all other traffic. The rules work correctly for SSH (port 22), but ...
0 votes, 1 answer, 69 views
DNS resolution in NAT gateway blocked by ufw
I have a LAN (172.16.0.0/24) and 2 servers:
"Bastion" (172.16.0.3), which has a public IP and can reach internet
"Redis" (172.16.0.4), which doesn't have a public IP and can't ...
0 votes, 0 answers, 21 views
UFW -- Will placing a specific IP above a CIDR allow that IP superseding the CIDR deny?
I cannot reliably get results from my testing .. But if I had said rules in this order:
zak@Web:~$sudo ufw status
Status: active
To Action From
-- ...
1 vote, 1 answer, 108 views
Upgraded from 18.04 to Ubuntu 20.04 - microk8s local DNS resolution stopped working
I have a server that started out on Ubuntu 16.04. I'm trying to get it current so I did an upgrade from 16.04 to 18.04 (Which was mostly trouble free) I let that run for a day to make sure everything ...
0 votes, 1 answer, 35 views
GUFW Graphical Noise, Blurred Options
I installed GUFW but when I run it I have blurred options, buttons, graphical glitches and I can't select any option because I can't see anything.
0 votes, 0 answers, 31 views
Debian firewall allowing connections on port 3000 [duplicate]
I have a Debian server running Rocket Chat. The web interface is on port 3000 and works.
I am trying to configure LetsEncrypt and checking the firewall it appears only port 22 is permitted.
How can I ...
1 vote, 1 answer, 279 views
fail2ban for dovecot not working
I have set up ufw in Linux Mint and it works fine.
On my Linux Mint box I run dovecot and I see many failed login tries.
I set up fail2ban like this:
[dovecot-pop3imap]
enabled = true
filter = dovecot-...
0 votes, 1 answer, 259 views
Port Forwarding all ports in UFW to a VPN Client on Ubuntu Server
I am running a VPN Wireguard server on Ubuntu 22.04. I am trying to forward all ports from the server to a vpn client on 10.10.10.2. As of now, I have perfected port forwarding for single ports. In /...
0 votes, 0 answers, 129 views
UFW blocks traffic despite there is an allow rule
I have Ubuntu server with OpenVPN server running there.
IP addresses as follows:
enp1s0: 192.168.3.67/24
tun0: 172.18.37.1/24
OpenVPN is configured so that devices behind the VPN client are ...
0 votes, 1 answer, 212 views
How to save custom rule in ufw? Ubuntu 23.10
I am using ufw and I would like to add a custom rule
iptables -I INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
But even following
iptable-save
Upon reboot, the rule is gone.
I also ...
0 votes, 2 answers, 339 views
Ubuntu 20.04 server ignores incoming postfix connections on IPv4, accepts IPv6
I've hacked my server to bits and now I need help.
Everything was working, but I think these issues started when I tried to add a VPN server to this server to test some items at work. That process ...
0 votes, 1 answer, 214 views
Why I'm getting these random [UFW BLOCK] requests in my syslogs?
I just noticed large numbers of these random requests getting blocked by UFW in my ubuntu server 22.04
9:34 AM [UFW BLOCK] IN=eno1 OUT= MAC=[MY_SERVER_MAC_ADDRESS] SRC=193.254.3.18 DST=[...
0 votes, 0 answers, 167 views
wireguard - restrict routing in wg subnet for specific client
I need to restrict access of specific client in wireguard subnet to other clients except one in this subnet.
By default, client can send packets to each other.
Here's postUp and postDown settings for ...
0 votes, 0 answers, 68 views
Linux iptables/UFW - Exclude ONE host from nat
Currently I am using UFW to NAT two IPv4 Subnets to VPN Interfaces like this:
extract of /etc/ufw/before.rules:
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.0/24 -o ...
0 votes, 0 answers, 113 views
Cannot Access Tomcat Server from external server
I have found several people with this problem, tried many solutions, but none have worked for me.
I have recently set up a new VPS at a hosting company, linux with Centos9.
I've installed and run ...
0 votes, 2 answers, 141 views
Set up ssh connection with 3 Ubuntu machines to bypass a firewall
I have 3 machines, here are the IP addresses of each of them with their ssh port :
first device IP: 192.168.1.2
second device IP: 192.168.1.3 port 22822
third device IP: 192.168.1.4 port 22
I ...
0 votes, 0 answers, 33 views
Confusion with VirtualBox forwarding and ufw rules
Got a requirement to run some old software running on an old Linux box using VirtualBox, but want to lock it down so that only very specific ports can be accessed from very specific IP addresses.
The ...
-1 votes, 1 answer, 70 views
Get iptables rule from ufw
Using ufw, concerning mDNS, I see:
~> sudo ufw enable
~> sudo iptables -L
ufw-not-local all -- anywhere anywhere
ACCEPT udp -- anywhere mdns.mcast.net udp ...
0 votes, 0 answers, 132 views
UFW IP does not block nginx
I have the following problem. I have an Alpine Linux system, not in a container. An Nginx web server and the UFW firewall run on it. If an Error 400 or 404 is triggered, UFW blocks the IP. This works ...
0 votes, 0 answers, 250 views
Certbot cannot obtain certificate when firewall is on
I have a script that creates a new nginx configuration for some domain and within this script, I am requesting new certificate via certbot. I am running newest debian server with ufw enabled (...
1 vote, 0 answers, 215 views
UFW is not filtering traffic routed through bridge
I am experiencing a case where UFW is not blocking packets coming from a VPN host, going through the VPN interface, then through a bridge and finally to a VM. I could configure another firewall on the ...
0 votes, 0 answers, 119 views
ssh to the same server of openvpn, tries to connect with original IP instead of VPN IP
I'm using Ubuntu Linux 22.04.3 LTS with OpenVPN 2.5.5 and I have an ssh server installed there too.
I want people to be able to connect to that server by ssh only if they are connected to the VPN.
that ...
0 votes, 1 answer, 170 views
Banning an IP address (or subnet) on Debian (still connecting after ufw and iptables)
I know the subject of banning IP addresses has been covered multiple times but for some reason I'm failing to address/identify this one.
I am trying to identify a problem with random attacks of some ...
0 votes, 1 answer, 789 views
UFW firewall deny incoming connections except for one ip
I want to deny all incoming connections to port 6677 except for one ip-address (so it can only be reached from a docker container running on the host, the port should not be accessible from "...
1 vote, 0 answers, 457 views
Strange Networking Issue: Ports 80 and 433 Unreachable from Outside, Docker
I'm encountering a perplexing networking issue that has me scratching my head. Here's the situation: I'm unable to access ports 80 and 433 from the outside, but I can forward any other port within ...
3 votes, 0 answers, 158 views
Why is UFW blocking this connection?
I have a problem with a user who is unable to access a Ubuntu 22.04 webserver (he gets ERR_CONNECTION_RESET), apparently due to the firewall blocking his connections. However he IS able to access a ...
0 votes, 0 answers, 165 views
UFW Blocking packets it shouldn't be
I saw a lot of other questions around this topic, but none of the issues those other people had seem to apply to my case. I have this ufw config:
23 ALLOW Anywhere ...
0 votes, 0 answers, 104 views
iptables DNAT works for first curl request, then hangs
I want to forward all packets coming to 192.168.1.10:8070 on interface wlan0 to 10.59.99.4:8080 on interface wg0.
I added these two rules to iptables:
-A PREROUTING -p tcp --destination 192.168.1.10 --...
0 votes, 1 answer, 218 views
How can some IP addresses bypass UFW rules? I get attacks from China and other places
I have an Apache web server running under Ubuntu 20.04 LTS.
I allowed the access to the website only to specific ranges of IP addresses.
Everything was working fine until I saw some requests (attacks) ...
0 votes, 0 answers, 216 views
Cannot insert ufw rule for IPv6 addresses
I have a server which is being tested and not yet ready for public access, hence general traffic is blocked by ufw.
I am trying to add some Google IP address ranges in the allowed rules which need to ...
0 votes, 0 answers, 787 views
cURL hangs unless using IPv6 with HTTPS
I need to make some cURL requests to a server that doesn't have an ipv6 address, but my machine only seems able to connect when 1) using https, and 2) using ipv6. Other requests hang indefinitely ...
0 votes, 1 answer, 532 views
Docker compose gitea remote ssh connection refused
I have setup Gitea on an Ubuntu server using this docker-compose config:
version: '3.9'
services:
db:
image: docker.io/bitnami/postgresql:15
volumes:
- 'db_data:/bitnami/postgresql'
...
0 votes, 0 answers, 70 views
Tracing / Solving a sudden spike in Apache2
My server is running on Ubuntu20.04, a pure LAMP stack with Apache 2.4.41.
In the last few weeks, there was a total of 2 occurrences where Apache2 was not responsive (users can't load our website), and ...
0 votes, 0 answers, 206 views
Putty connection time out after enabling firewall
I have a problem after enabling ufw firewall. Everything was working well for the last few months but I wanted to add SSL and redirect traffic http->https so I wanted to open port 443. What I did - ...
0 votes, 1 answer, 724 views
Is it possible to forward with UFW from a machine connected to ZeroTier VPN and situated on the LAN towards another machine on the LAN?
I am attempting to make it possible for any machine connected to my VPN to access services within containers on my server.
For this I have set a server with PROXMOX and subscribed to a Free ...
0 votes, 1 answer, 249 views
ufw firewall not working as expected (block specific incoming IPs)
So, I see these Apache access.log entries coming in every minute:
mydomain.com:80 95.211.199.153 - - [19/Apr/2023:23:34:28 +0000] "GET /index.html HTTP/1.1" 200 1425 "-" "Leaf/...
0 votes, 1 answer, 232 views
Having trouble with ipset behaviour
Have a script that populates ipsets and then I do:
/sbin/iptables -I INPUT -m set --match-set ipsum src -j DROP
Now not sure how this works out for other ports but I know that if I want the addresses ...
0 votes, 0 answers, 299 views
Forwarding (local) RTSP/HLS traffic via VPN to expose on WAN IP of VPS
I feel like I am overcomplicating this extremely by wanting to do it securely, so a fresh look at this would help a lot.
I have a webcam that I want to publish / embed on a website. My current setup ...
0 votes, 0 answers, 543 views
I am trying to set up a simple http server in port 8000 and connect remotely. UFW is open at 8000, but the connection is refused
I am new to networking and servers and I am trying to get started by setting up a simple server in port 8000 in a remote host with python -m http.server 8000 and telnet from my local computer
I've ...
0 votes, 1 answer, 2k views
UFW not allowing specified ports
I have this
Status: active
Logging: on (low)
Default: allow (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- --...
0 votes, 1 answer, 394 views
Accessing server behind wireguard not possible
I am running a VM at hetzner (named gateway in the diagram below) that is used as a wireguard server. I hand out public IPv6 addresses via wireguard to clients. It is possible to ping all systems from ...
0 votes, 1 answer, 5k views
Wireguard is not working: 'wg0' is not a WireGuard interface
I've got an issue with wireguard. I have a debian-based VPS, and a Manjaro client.
Here is my /etc/wireguard/wg0.conf of a server:
[Interface]
Address = 10.0.0.1/24
ListenPort = 194
PrivateKey = <...
0 votes, 1 answer, 255 views
How do I block outgoing SYN packets on my Ubuntu 18 server?
I have an Ubuntu 18 server which is being used as a VPN server (V2RAY). My VPS provider (OVH) has sent me this abuse report:
2022.10.22 12:40:47 CEST 51.91.11.***:53258 8.8.8.8:443 TCP SYN 60 ...
0 votes, 0 answers, 54 views
On Virtual Private Server, ports are not reachable from the internet although no firewall is enabled
I have a newly set up virtual private server running Ubuntu 22.04. ufw is still disabled, iptables -L tells me all chains have the ACCEPT default policy, no specific rules are defined. So I'd expect ...
0 votes, 0 answers, 3k views
wireguard docker, iptables and port forwarding to client
I have a dedicated server running Ubuntu 22.04 with a wireguard (wg-easy) server running in docker.
(ip addresses are examples)
Dedicated server | Wireguard Docker IP | Wireguard Client IP
142.250.70....
0 votes, 1 answer, 4k views
How to allow the traffic for a specific interface in ufw unconditionally
I've installed OpenVPN and now the firewall (ufw) is blocking the traffic for the client that connects to it. I'm sure of my OpenVPN setup since when I disable the firewall, I can access IPs from my ...
1 vote, 0 answers, 175 views
UFW warns about ports in /etc/services. Can that be disabled?
Whenever I do certain ufw commands, like ufw status, it outputs this before printing the data I was after:
WARN: Skipping 'mysql': also in /etc/services
WARN: Skipping 'ntp': also in /etc/services
...