How to get ufw firewall running at start-up on a live session

Forum Forums General Tips and Tricks How to get ufw firewall running at start-up on a live session

This topic contains 5 replies, has 3 voices, and was last updated by partsman Nov 7-5:26 pm.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #13148
    Member
    grenouille
    grenouille

    I spent many hours to try to make ufw run automatically / permanently on a live usb drive with AntiX 16.1, 17.1 and 17.2. I tried each time (with my translation from my French menu) :

    1) Menu → Applications →Preferences → Firewall configuration
    which brings a window of a greyed gufw (graphical ufw). Unfortunately a click on the ‘Unlock’ button doesn’t work. Only the message ‘bad identification’ appears in the window.

    2) Menu → Control Centre → Network → Firewall Management
    In this case the button ‘Unlock’ of the greyed window of gufw works : colours appear and the status of the firewall becomes active (a white check sign on a light blue background)
    But, unfortunately, only for the session. No permanence.

    3) In a terminal, I tried :
    $ sudo ufw status → Status : inactive
    $ sudo ufw enable → Firewall is active and enabled on system start-up
    But, unfortunately, also only for the session. No permanence.

    4) I also tinkered, without knowing enough, with :
    Menu → Control Centre → System Tools → Services management
    (or in a terminal with the command : $ sudo sysv-rc-conf )
    A basic black window appears. Near the end of the list of services, I checked the box for runlevel 2, 3, 4 and 5. Again, no permanence.

    Note : For users of a downloaded base version, at least in AntiX 17.1, the ufw package is not included. You must first install it :
    $ sudo update
    $ sudo apt-get install ufw
    Note to the developers : I know that space is limited to fit all the packages on a CD but considering that an intrusion attempt can occurs in less than 15 minutes after connection, I propose the inclusion of this package and his automatic running for basic security. Those who have knowledge can always disable it if they wish.

    I finally found the culprit for ufw not running at start-up : the boot option / parameter :
    disable=lx → which disable unnecessary services

    So on my live usb drive running a full AntiX 17.2 with the option ‘persist_static’, I erased the words ‘disable=lx’ from the line ‘Booting options’ on the boot page and tried to assure the change by putting the F8 option to ‘save’ instead of the standard ‘off’. I had to erase the words two times but it now works!
    ufw is up and running at start-up.

    #13217
    Member
    partsman
    partsman

    Hi grenouille
    Welcome to Antix ! 🙂

    FWIW as root you could have added a line to your /etc/rc.local file 😉

    example of how my line reads :
    # edited by me the user to start ufw
    ufw enable

    Anyway I thought That may be of some use !

    No need to mess with boot parameter 😉
    But thought someone might find it useful 🙂

    Anyone can build a fast processor. The trick is to build a fast system. (Seymour Cray)

    #13220
    Member

    skidoo

    grenouille, thanks, it’s a good tip.

    partsman, have you tested this? (asking b/c I expected the bootline “lx” declaration would still take precedence)

    #13223
    Member
    grenouille
    grenouille

    At partsman : thanks for the welcoming and the additional tip. We beginners and those just post newbie sometimes spend enormous time just trying to make it work. I fear some may even gave up. That’s why I try to make my posts comprehensive (even if they appear verbose).

    At skidoo : thanks for the comment and I confirm the validity of the tip of partsman.
    (I, of course, reinserted the main boot parameter ‘disable=lx’ before testing the tip 🙂

    #13225
    Member
    partsman
    partsman

    @ grenouille

    grenouille wrote :

    We beginners and those just post newbie sometimes spend enormous time just trying to make it work. I fear some may even gave up. That’s why I try to make my posts comprehensive (even if they appear verbose).

    Well belive me my friend ! I am far from a linux guru ! And sometimes even those with experience struggle ! But that is how we learn ! I also belive that beginners/newbie’s are very important ! There feedback is what helps make a distro better ! Not to mention experienced people can sometimes learn a little from a beginner too ! 😉 So never hesitate to post ! 😉 Just be respectful and have a little patience and everyone learns a little something ! “At least that is my theory: 🙂

    As far as the firewall on boot goes IDK that is just the way I have always done it ! LOL !

    Anyway Have fun ! Holler if you need something ! These guys are great ! 🙂

    Anyone can build a fast processor. The trick is to build a fast system. (Seymour Cray)

    #13226
    Member
    partsman
    partsman

    @ skidoo

    skidoo wrote:

    partsman, have you tested this? (asking b/c I expected the bootline “lx” declaration would still take precedence)

    If you find some info on this I would very much be interested in reading what you find !
    I will also will see what I can find ! Just finding the time is the next challenge ! LOL !

    Thanks !

    Anyone can build a fast processor. The trick is to build a fast system. (Seymour Cray)

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.