[Solved]Enabling firewall stops wifi network.

[Anonymous]

Im using ceni for wifi.Enabling ufw through control-centre > firewall disconnects wifi.If I enable through terminal the following error occurs but firewall activated.
Disabling firewall gets wifi back.
demo@antix1:~
$ sudo ufw enable
ERROR: problem running ufw-init
iptables-restore v1.8.2 (nf_tables): unknown option “–icmp-type”
Error occurred at line: 34
Try `
iptables-restore -h’ or ‘iptables-restore –help’ for more information.
ip6tables-restore v1.8.2 (nf_tables): unknown option “–icmpv6-type”
Error occurred at line: 36
Try `ip6tables-restore -h’ or ‘ip6tables-restore –help’ for more information.

Problem running ‘/etc/ufw/before.rules’
Problem running ‘/etc/ufw/before6.rules’

System info:

System:    Host: antix1 Kernel: 4.9.193-antix.1-amd64-smp x86_64 bits: 64 compiler: gcc v: 8.3.0 
           parameters: BOOT_IMAGE=/antiX-Frugal-4.9.193-antix.1-amd64-smp/vmlinuz 
           bdir=antiX-Frugal-4.9.193-antix.1-amd64-smp buuid=c7b4468c-27d0-4ab0-93e0-82c69e1eeec6 
           vga=791 persist_static tz=Asia/Kolkata quiet splasht disable=lxF 
           Desktop: MATE 1.20.4 info: mate-panel wm: marco 1.20.3 dm: LightDM 1.26.0 
           Distro: antiX-19_x64-base Marielle Franco 16 October 2019 
           base: Debian GNU/Linux 10 (buster) 
Machine:   Type: Desktop Mobo: Intel model: DG31PR v: AAD97573-306 serial: <filter> BIOS: Intel 
           v: PRG3110H.86A.0065.2009.0421.1559 date: 04/21/2009 
Memory:    RAM: total: 2.94 GiB used: 1.08 GiB (36.7%) 
           RAM Report: permissions: Unable to run dmidecode. Root privileges required. 
PCI Slots: Permissions: Unable to run dmidecode. Root privileges required. 
CPU:       Topology: Dual Core model: Intel Pentium E5200 bits: 64 type: MCP arch: Penryn 
           family: 6 model-id: 17 (23) stepping: A (10) microcode: A0B L2 cache: 2048 KiB 
           bogomips: 9999 
           Speed: 2500 MHz min/max: N/A Core speeds (MHz): 1: 2500 2: 2500 
           Flags: acpi aperfmperf apic arch_perfmon bts clflush cmov constant_tsc cx8 de dtherm 
           dts fpu fxsr ht kaiser lahf_lm lm mca mce mmx monitor msr mtrr nopl nx pae pat pbe pebs 
           pge pni pse pse36 rep_good sep ss sse sse2 ssse3 syscall tm tm2 tsc vme 
           Vulnerabilities: Type: l1tf mitigation: PTE Inversion 
           Type: mds status: Vulnerable: Clear CPU buffers attempted, no microcode; SMT disabled 
           Type: meltdown mitigation: PTI 
           Type: spec_store_bypass status: Vulnerable 
           Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization 
           Type: spectre_v2 mitigation: Full generic retpoline, STIBP: disabled, RSB filling 
Graphics:  Device-1: NVIDIA GT218 [GeForce 210] vendor: Micro-Star MSI driver: nouveau v: kernel 
           bus ID: 01:00.0 chip ID: 10de:0a65 
           Display: x11 server: X.Org 1.20.4 driver: modesetting unloaded: fbdev,vesa 
           compositor: marco v: 1.20.3 resolution: 1360x768~60Hz 
           OpenGL: renderer: NVA8 v: 3.3 Mesa 18.3.6 direct render: Yes 
Audio:     Device-1: Intel NM10/ICH7 Family High Definition Audio driver: snd_hda_intel v: kernel 
           bus ID: 00:1b.0 chip ID: 8086:27d8 
           Device-2: NVIDIA High Definition Audio vendor: Micro-Star MSI driver: snd_hda_intel 
           v: kernel bus ID: 01:00.1 chip ID: 10de:0be3 
           Sound Server: ALSA v: k4.9.193-antix.1-amd64-smp 
Network:   Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: Intel 
           driver: r8169 v: 2.3LK-NAPI port: d000 bus ID: 03:00.0 chip ID: 10ec:8168 
           IF: eth0 state: down mac: <filter> 
           IF-ID-1: wlan0 state: up mac: <filter> 
           IP v4: <filter> type: dynamic scope: global broadcast: <filter> 
           WAN IP: <filter> 
Drives:    Local Storage: total: 2.05 TiB used: 1.45 TiB (71.0%) 
           ID-1: /dev/sda vendor: Seagate model: ST2000DM001-1CH164 size: 1.82 TiB block size: 
           physical: 4096 B logical: 512 B speed: <unknown> rotation: 7200 rpm serial: <filter> 
           rev: CC26 scheme: MBR 
           ID-2: /dev/sdb vendor: Seagate model: ST3250310AS size: 232.89 GiB block size: 
           physical: 512 B logical: 512 B speed: <unknown> serial: <filter> rev: A scheme: MBR 
           Optical-1: /dev/sr0 vendor: HL-DT-ST model: DVDRAM GH22NS50 rev: TN00 
           dev-links: cdrom,cdrw,dvd,dvdrw 
           Features: speed: 10 multisession: yes audio: yes dvd: yes rw: cd-r,cd-rw,dvd-r,dvd-ram 
           state: running 
RAID:      Message: No RAID data was found. 
Partition: ID-1: / raw size: N/A size: 7.81 GiB used: 1.05 GiB (13.4%) fs: overlay source: ERR-102 
           label: N/A uuid: N/A 
           ID-2: /home raw size: 10.00 GiB size: <root required> used: <root required> fs: ext4 
           dev: /dev/loop2 label: N/A uuid: 79915182-ecb3-4404-b2d5-4d5d204c7ed6 
           ID-3: /live/boot-dev raw size: 204.88 GiB size: 200.66 GiB (97.94%) 
           used: 39.73 GiB (19.8%) fs: ext4 dev: /dev/sdb3 label: N/A 
           uuid: c7b4468c-27d0-4ab0-93e0-82c69e1eeec6 
           ID-4: /live/linux raw size: 643.1 MiB size: <root required> used: <root required> 
           fs: squashfs dev: /dev/loop0 label: N/A uuid: N/A 
           ID-5: /live/persist-root raw size: 8.00 GiB size: <root required> used: <root required> 
           fs: ext4 dev: /dev/loop1 label: N/A uuid: d4e41fd9-686a-4f04-9211-c3877cfc835f 
           ID-6: /media/New_Volume raw size: 1.82 TiB size: 1.82 TiB (100.00%) 
           used: 1.41 TiB (77.4%) fs: ntfs dev: /dev/sda1 label: New Volume uuid: 60328CDD328CBA14 
           ID-7: /media/rootMX18.2 raw size: 25.00 GiB size: 24.48 GiB (97.93%) 
           used: 6.50 GiB (26.5%) fs: ext4 dev: /dev/sdb1 label: rootMX18.2 
           uuid: 5acf3450-fba6-420c-a2c1-58e8b62184ac 
           ID-8: swap-1 size: 3.00 GiB used: 0 KiB (0.0%) fs: swap swappiness: 10 (default 60) 
           cache pressure: 50 (default 100) dev: /dev/sdb2 label: N/A 
           uuid: b7edc25a-d5d5-42be-8532-0b82fda33db7 
Unmounted: Message: No unmounted partitions found. 
USB:       Hub: 1-0:1 info: Full speed (or root) Hub ports: 8 rev: 2.0 speed: 480 Mb/s 
           chip ID: 1d6b:0002 
           Device-1: 1-2:3 info: N/A type: Network driver: mt7601u interfaces: 1 rev: 2.0 
           speed: 480 Mb/s chip ID: 148f:7601 serial: <filter> 
           Hub: 2-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s 
           chip ID: 1d6b:0001 
           Device-2: 2-1:2 info: N/A type: Mouse driver: hid-generic,usbhid interfaces: 1 rev: 1.1 
           speed: 1.5 Mb/s chip ID: 0101:0007 
           Hub: 3-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s 
           chip ID: 1d6b:0001 
           Hub: 4-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s 
           chip ID: 1d6b:0001 
           Hub: 5-0:1 info: Full speed (or root) Hub ports: 2 rev: 1.1 speed: 12 Mb/s 
           chip ID: 1d6b:0001 
Sensors:   System Temperatures: cpu: 39.0 C mobo: N/A gpu: nouveau temp: 47 C 
           Fan Speeds (RPM): N/A 
Repos:     Active apt repos in: /etc/apt/sources.list.d/antix.list 
           1: deb http: //mx-pkg.mirror.net.in/MX-Linux/antix/buster/ buster main nonfree
           Active apt repos in: /etc/apt/sources.list.d/debian-stable-updates.list 
           1: deb http: //ftp.cn.debian.org/debian/ buster-updates main contrib non-free
           Active apt repos in: /etc/apt/sources.list.d/debian.list 
           1: deb http: //ftp.cn.debian.org/debian/ buster main contrib non-free
           2: deb http: //security.debian.org/ buster/updates main contrib non-free
           No active apt repos in: /etc/apt/sources.list.d/onion.list 
           No active apt repos in: /etc/apt/sources.list.d/various.list 
Processes: CPU top: 5 
           1: cpu: 6.0% command: firefox-esr pid: 10200 mem: 480.4 MiB (15.9%) 
           2: cpu: 3.7% command: xorg pid: 3221 mem: 76.7 MiB (2.5%) 
           3: cpu: 3.1% command: firefox-esr pid: 10241 mem: 187.7 MiB (6.2%) 
           4: cpu: 1.3% command: gtkdialog pid: 16029 mem: 41.5 MiB (1.3%) 
           5: cpu: 0.4% command: marco pid: 3505 mem: 51.8 MiB (1.7%) 
           Memory top: 5 
           1: mem: 480.4 MiB (15.9%) command: firefox-esr pid: 10200 cpu: 6.0% 
           2: mem: 187.7 MiB (6.2%) command: firefox-esr pid: 10241 cpu: 3.1% 
           3: mem: 81.3 MiB (2.7%) command: caja pid: 3537 cpu: 0.0% 
           4: mem: 79.8 MiB (2.6%) command: firefox-esr pid: 15257 cpu: 0.1% 
           5: mem: 76.7 MiB (2.5%) command: xorg pid: 3221 cpu: 3.7% 
Info:      Processes: 185 Uptime: 53m Init: SysVinit v: 2.93 runlevel: 5 default: 5 Compilers: 
           gcc: 8.3.0 alt: 8 Client: shell wrapper v: 5.0.3-release inxi: 3.0.36 

[Member model99]

Helpful

Up

0

::

It is a known issue with the 4.9 antix kernel that is causing your problem using the “ufw” firewall.

The issue was identified in the beta 2 and beta 3 release of antiX 19.

You need to replace the Linux kernel to solve your problem.

On my test machine which has a full install of Antix 19 amd64, I installed the following meta packages:

linux-headers-amd64
linux-image-amd64

Doing that installed the following packages:

linux-compiler-gcc-8-x86 (4.19.67-2+deb10u1)
linux-headers-4.19.0-6-amd64 (4.19.67-2+deb10u1)
linux-headers-4.19.0-6-common (4.19.67-2+deb10u1)
linux-image-4.19.0-6-amd64 (4.19.67-2+deb10u1)
linux-kbuild-4.19 (4.19.67-2+deb10u1)

Which is the latest Debian stable kernel.

Rebooted and the “ufw” firewall works as expected with this kernel with no problems making/keeping a wifi connection.

[Anonymous]

Helpful

Up

0

::

model99 wrote:

It is a known issue with the 4.9 antix kernel that is causing your problem using the “ufw” firewall.

Thanks @model99 for the heads up.My bad memory.

[Member VW]

Helpful

Up

0

::

Yes, many thanks model99.

“These are the times that try men's souls" - Thomas Paine

[Member macondo]

Helpful

Up

0

::

testing

antiX Core 64 Bit Runit IceWM

"Sometimes a man finds his destiny on the road he took to avoid it."

[Member model99]

Helpful

Up

0

::

Atlanelan and VW,

You are welcome. Glad it solved your problem.

model99

[Member hamster]

Helpful

Up

0

::

Good day,
Sorry for my stupid question: how do I install those meta packages? Can’t I just install an newer kernel, available for install in the antiX package installer? Which kernel would be best in this case to install as they are different kernels available and it’s quite difficult to chose.
Cheers

[Member VW]

Helpful

Up

0

::

I simply installed the 5.2.15 kernel, and headers, which works fine.

“These are the times that try men's souls" - Thomas Paine

[Member model99]

Helpful

Up

0

::

hamster wrote:

Good day,
Sorry for my stupid question: how do I install those meta packages? Can’t I just install an newer kernel, available for install in the antiX package installer? Which kernel would be best in this case to install as they are different kernels available and it’s quite difficult to chose.
Cheers

Not a stupid question at all.

Yes, you use the antiX package installer and install “Kernel-Debian_64bit_meltdown-patched” if you have a 64 bit installation.

Or you can use Synaptic, which is shown as “Manage Packages” in the Control Centre -> System window.

Click the search icon in the Synaptic window to find and the select the two packages for installation just like you would do for any package you want to install. After you have have selected the packages for installation, click the Apply icon in Synaptic to download and install the packages.

Another option is to use the command line to install the packages.

sudo apt-get install linux-headers-amd64 linux-image-amd64

The main difference between using the antiX package installer and the other methods is the antiX package installer installs a specific Linux kernel image. When that kernel image needs to be replaced with a newer version, it will need to be manually done by you.

linux-headers-amd64 and linux-image-amd64 are meta packages that when installed or upgraded will always point to the latest version of the Debian stable kernel headers and image. So all you have to do to have latest Linux kernel is upgrade your system like you normally do for other installed packages, say like Firefox for example.

[Anonymous]

Helpful

Up

0

::

Thats terrific explanation regarding linux image installation @model99. I have one more issue with firewall.Ufw does not start by default upon boot.Need to start manually by ‘sudo ufw enable’.

[Moderator caprea]

Helpful

Up

0

::

Atlanelan, in order to avoid any misunderstandings,
what’s the output of

sudo ufw status

right after booting ?

[Anonymous]

Helpful

Up

0

::

caprea wrote:

Atlanelan, in order to avoid any misunderstandings,
what’s the output of

sudo ufw status

right after booting ?

ufw inactive

[Member model99]

Helpful

Up

0

::

View file /etc/ufw/ufw.conf after executing the command “sudo ufw enable”.

It should show the following line if it will be automatically started upon boot up.

ENABLED=yes

Also you should have gotten a message after executing the command stating “ufw” will
be enabled at start up.

[Anonymous]

Helpful

Up

0

::

model99 wrote:

View file /etc/ufw/ufw.conf after executing the command “sudo ufw enable”.

It should show the following line if it will be automatically started upon boot up.

ENABLED=yes

Also you should have gotten a message after executing the command stating “ufw” will
be enabled at start up.

These are all exactly like what you said above.But ufw not enabled at startup.

[Member model99]

Helpful

Up

0

::

When I start up my full installation of antiX 19, I see the following
message on the screen.

Starting firewall: ufw...Setting kernel variables (/etc/ufw/sysctl.conf)

Do you get this message or something else regarding ufw?

If you do get the message, then something maybe turning off ufw.

You can run the following command to see if your installation meets
the requirements for using ufw:

sudo /usr/share/ufw/check-requirements

What type of installation do you have and which Linux kernel image
are you using?

[Author]

Posts