DEVHIDE
Login Or Sign up

UFW blocks most ports until disabled and re-enabled after reboot

6.7k Views Asked by At

I have UFW running on my server. When I restart it:

$sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere                  
1194/udp                   ALLOW       Anywhere                  
5550                       ALLOW       Anywhere                  
80/tcp                     ALLOW       Anywhere                  
443/tcp                    ALLOW       Anywhere                  
8000                       ALLOW       Anywhere                  
OpenSSH (v6)               ALLOW       Anywhere (v6)             
1194/udp (v6)              ALLOW       Anywhere (v6)             
5550 (v6)                  ALLOW       Anywhere (v6)             
80/tcp (v6)                ALLOW       Anywhere (v6)             
443/tcp (v6)               ALLOW       Anywhere (v6)             
8000 (v6)                  ALLOW       Anywhere (v6)

When I try to run it however, my ports 8000 and 1194 are currently being blocked.

When I run:

$sudo ufw disable
$sudo ufw enable

Then the ports are open. When I run status after that, it is the exact same as previously pasted.

ubuntu server firewall ufw
Original Q&A
4

There are 4 best solutions below

1
On

I'm having same issue with my http and https ports that they are blocked by ufw by reboot. After i disable and enable UFW all ports are running from my UFW firewall rules. Same with sudo ufw reload command.

So i create a workaround by my machine and create a system.d service which starts a simple script in /etc/systemd/system/firewall.service.

[Unit]
Description=Firewall restart blocking solution.

[Service]
Type=simple
ExecStart=/var/scripts/firewall.sh

[Install]
WantedBy=multi-user.target

Then my script is simple

#!/bin/bash
sudo ufw reload

At least i setup to start my init.d on boot

sudo systemctl enable firewall.service

Then all my ports works after a reboot fine. It's maybee a workaround of this issue.

0
On

My impression is that the changes made with ufw have not been saved and are transient. Rebooting without saving the new rules results in loading the previously saved older rules.

Save the new rules with: 

iptables-save > /etc/iptables.rules

These rules should be reloaded automatically by the system at boot time. Or they can be reloaded with:

iptables-restore < /etc/iptables.rules
0
On

Thanks to the reminder from @Nicholas. The problem is caused by iptables-persistent indeed. However, simply remove iptables-persistent is not a good solution as there maybe other rules applied through iptables. Thus if iptables-persistent is installed, a better way may be to persistent ufw rules using iptables-persistent, i.e.,

sudo ufw reload
sudo netfilter-persistent save
2
On

The real solution is to uninstall iptables-persistent and its dependency: sudo apt remove iptables-persistent and sudo apt autoremove.

As per: https://github.com/pivpn/pivpn/issues/414

Related Questions in UBUNTU

Related Questions in SERVER

Related Questions in FIREWALL

Related Questions in UFW

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.