View previous topic :: View next topic |
Author |
Message |
gaurav712 n00b
Joined: 12 Jan 2019 Posts: 24 Location: India
|
Posted: Sun Feb 24, 2019 5:07 am Post subject: ufw isn't working. |
|
|
When I add ufw to rc-update. It slows down my pc like hell. Booting takes thrice the time, X as well and ufw isn't active even after that "BOOT" . When I try putting it in .xinitrc as "sudo ufw enable &". It freezes the whole interface. And, that's not due to 'sudo' as I've configured visudo, so it doesn't ask for password when using ufw. |
|
Back to top |
|
|
unheatedgarage n00b
Joined: 19 Sep 2016 Posts: 60
|
Posted: Tue Feb 26, 2019 11:33 am Post subject: |
|
|
gaurav712,
After trying UFW on-and-off for years, I finally gave up and took the plunge to learn more about Shorewall. It's well-documented with an active community. Lot's of Gentooers seem to use it, and it's been working just fine for me for about six months now. _________________ I'm not even mad; I'm impressed! |
|
Back to top |
|
|
Goverp Advocate
Joined: 07 Mar 2007 Posts: 2186
|
Posted: Wed Feb 27, 2019 10:16 am Post subject: Re: ufw isn't working. |
|
|
gaurav712 wrote: | When I add ufw to rc-update. It slows down my pc like hell. Booting takes thrice the time, X as well and ufw isn't active even after that "BOOT" . When I try putting it in .xinitrc as "sudo ufw enable &". It freezes the whole interface. And, that's not due to 'sudo' as I've configured visudo, so it doesn't ask for password when using ufw. |
You're doing something wrong. You only need to "ufw enable" once - it's a command line tool to switch the firewall on or off. As long as you have ufw in your default run-level, that's it.
I don't understand the performance hit. UFW just loads some (I presume, I use UFW to avoid having to understand that stuff) simple IPTables. Have you other firwall stuff that might be fighting it? or complex rules? My setup had just the defaults plus a few ports (rsync, NFS and the like) open to 192.168.0.0/24, and I notice no performance hit. _________________ Greybeard |
|
Back to top |
|
|
Fitzcarraldo Advocate
Joined: 30 Aug 2008 Posts: 2056 Location: United Kingdom
|
Posted: Wed Feb 27, 2019 3:22 pm Post subject: Re: ufw isn't working. |
|
|
Goverp wrote: | gaurav712 wrote: | When I add ufw to rc-update. It slows down my pc like hell. Booting takes thrice the time, X as well and ufw isn't active even after that "BOOT" . When I try putting it in .xinitrc as "sudo ufw enable &". It freezes the whole interface. And, that's not due to 'sudo' as I've configured visudo, so it doesn't ask for password when using ufw. |
You're doing something wrong. You only need to "ufw enable" once - it's a command line tool to switch the firewall on or off. As long as you have ufw in your default run-level, that's it.
I don't understand the performance hit. UFW just loads some (I presume, I use UFW to avoid having to understand that stuff) simple IPTables. Have you other firwall stuff that might be fighting it? or complex rules? My setup had just the defaults plus a few ports (rsync, NFS and the like) open to 192.168.0.0/24, and I notice no performance hit. |
Similar to me. No problems with UFW. I just needed to configure UFW for Samba and for KDE Connect:
Code: | $ sudo ufw status verbose
Password:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
137,138/udp ALLOW IN 192.168.1.0/24
139,445/tcp ALLOW IN 192.168.1.0/24
1714:1764/udp ALLOW IN Anywhere
1714:1764/tcp ALLOW IN Anywhere
$ sudo tail -n 12 /etc/ufw/before.rules
# don't delete the 'COMMIT' line or these rules won't be processed
COMMIT
# Need the following to enable Samba commands to work properly
# in a network using broadcast NetBIOS name resolution.
#
# raw table rules
*raw
:OUTPUT ACCEPT [0:0]
-F OUTPUT
-A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns
COMMIT |
_________________ Clevo W230SS: amd64, VIDEO_CARDS="intel modesetting nvidia".
Compal NBLB2: ~amd64, xf86-video-ati. Dual boot Win 7 Pro 64-bit.
OpenRC systemd-utils[udev] elogind KDE on both.
My blog |
|
Back to top |
|
|
nubiocicarini Tux's lil' helper
Joined: 20 Feb 2019 Posts: 80 Location: Brazil
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|