How to get ufw firewall running at start-up on a live session

Forum Forums General Tips and Tricks How to get ufw firewall running at start-up on a live session

  • This topic has 5 replies, 3 voices, and was last updated Nov 7-5:26 pm by partsman.
Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #13148
    Member
    grenouille

      I spent many hours to try to make ufw run automatically / permanently on a live usb drive with AntiX 16.1, 17.1 and 17.2. I tried each time (with my translation from my French menu) :

      1) Menu → Applications →Preferences → Firewall configuration
      which brings a window of a greyed gufw (graphical ufw). Unfortunately a click on the ‘Unlock’ button doesn’t work. Only the message ‘bad identification’ appears in the window.

      2) Menu → Control Centre → Network → Firewall Management
      In this case the button ‘Unlock’ of the greyed window of gufw works : colours appear and the status of the firewall becomes active (a white check sign on a light blue background)
      But, unfortunately, only for the session. No permanence.

      3) In a terminal, I tried :
      $ sudo ufw status → Status : inactive
      $ sudo ufw enable → Firewall is active and enabled on system start-up
      But, unfortunately, also only for the session. No permanence.

      4) I also tinkered, without knowing enough, with :
      Menu → Control Centre → System Tools → Services management
      (or in a terminal with the command : $ sudo sysv-rc-conf )
      A basic black window appears. Near the end of the list of services, I checked the box for runlevel 2, 3, 4 and 5. Again, no permanence.

      Note : For users of a downloaded base version, at least in AntiX 17.1, the ufw package is not included. You must first install it :
      $ sudo update
      $ sudo apt-get install ufw
      Note to the developers : I know that space is limited to fit all the packages on a CD but considering that an intrusion attempt can occurs in less than 15 minutes after connection, I propose the inclusion of this package and his automatic running for basic security. Those who have knowledge can always disable it if they wish.

      I finally found the culprit for ufw not running at start-up : the boot option / parameter :
      disable=lx → which disable unnecessary services

      So on my live usb drive running a full AntiX 17.2 with the option ‘persist_static’, I erased the words ‘disable=lx’ from the line ‘Booting options’ on the boot page and tried to assure the change by putting the F8 option to ‘save’ instead of the standard ‘off’. I had to erase the words two times but it now works!
      ufw is up and running at start-up.

      #13217
      Member
      partsman
        Helpful
        Up
        0
        ::

        Hi grenouille
        Welcome to Antix ! 🙂

        FWIW as root you could have added a line to your /etc/rc.local file 😉

        example of how my line reads :
        # edited by me the user to start ufw
        ufw enable

        Anyway I thought That may be of some use !

        No need to mess with boot parameter 😉
        But thought someone might find it useful 🙂

        Anyone can build a fast processor. The trick is to build a fast system. (Seymour Cray)

        #13220
        Anonymous
          Helpful
          Up
          0
          ::

          grenouille, thanks, it’s a good tip.

          partsman, have you tested this? (asking b/c I expected the bootline “lx” declaration would still take precedence)

          #13223
          Member
          grenouille
            Helpful
            Up
            0
            ::

            At partsman : thanks for the welcoming and the additional tip. We beginners and those just post newbie sometimes spend enormous time just trying to make it work. I fear some may even gave up. That’s why I try to make my posts comprehensive (even if they appear verbose).

            At skidoo : thanks for the comment and I confirm the validity of the tip of partsman.
            (I, of course, reinserted the main boot parameter ‘disable=lx’ before testing the tip 🙂

            #13225
            Member
            partsman
              Helpful
              Up
              0
              ::

              @ grenouille

              grenouille wrote :

              We beginners and those just post newbie sometimes spend enormous time just trying to make it work. I fear some may even gave up. That’s why I try to make my posts comprehensive (even if they appear verbose).

              Well belive me my friend ! I am far from a linux guru ! And sometimes even those with experience struggle ! But that is how we learn ! I also belive that beginners/newbie’s are very important ! There feedback is what helps make a distro better ! Not to mention experienced people can sometimes learn a little from a beginner too ! 😉 So never hesitate to post ! 😉 Just be respectful and have a little patience and everyone learns a little something ! “At least that is my theory: 🙂

              As far as the firewall on boot goes IDK that is just the way I have always done it ! LOL !

              Anyway Have fun ! Holler if you need something ! These guys are great ! 🙂

              Anyone can build a fast processor. The trick is to build a fast system. (Seymour Cray)

              #13226
              Member
              partsman
                Helpful
                Up
                0
                ::

                @ skidoo

                skidoo wrote:

                partsman, have you tested this? (asking b/c I expected the bootline “lx” declaration would still take precedence)

                If you find some info on this I would very much be interested in reading what you find !
                I will also will see what I can find ! Just finding the time is the next challenge ! LOL !

                Thanks !

                Anyone can build a fast processor. The trick is to build a fast system. (Seymour Cray)

              Viewing 6 posts - 1 through 6 (of 6 total)
              • You must be logged in to reply to this topic.