Forum › Forums › New users › New Users and General Questions › UFW disabled after reboot
- This topic has 8 replies, 2 voices, and was last updated Nov 15-10:26 pm by GeoffC.
-
AuthorPosts
-
November 15, 2020 at 4:27 am #45021Member
GeoffC
I built a live usb from the (Oct 15th) antiX-19.3_386-full.iso (sha256 verified), upgraded all packages, then remastered it. Now when I enable UFW then reboot, UFW boots up in a disabled state.
I didn’t notice this happening before. Has something changed or did I just miss this behaviour?
November 15, 2020 at 4:32 am #45022MemberGeoffC
::Oh, I should add that I am using persist_static. Also, all the rules are still intact in UFW, but it’s state has been altered to disabled.
November 15, 2020 at 5:15 am #45023Moderator
christophe
::Hello, GeoffC
Try re-enabling it
sudo ufw enable
then reboot — double-checking that persist_static is enabled. See if ufw running as expected.sudo ufw statusI use static persistence all the time. The only thing I can think is that maybe you may have booted without persistence once, and enabled it when persistence wasn’t being saved… because, you are right. That shouldn’t be happening. (I’ve done that sort of thing by accident in the past.)
- This reply was modified 2 years, 5 months ago by christophe.
- This reply was modified 2 years, 5 months ago by christophe.
confirmed antiX frugaler, since 2019
November 15, 2020 at 5:49 am #45026MemberGeoffC
::I just checked it again to be sure, to be sure π
– enabled UFW, then rebooted (and checked to ensure persist_static is set on) –> UFW status reports disabled after reboot.Other aspects of persistence seem to be working ok – I uncommented the ctl-alt-t shortcut for terminal and it still works after a reboot.
November 15, 2020 at 7:06 am #45027Moderator
christophe
::Ah-ha!
When you get to the live-USB boot screen, where you can choose/change boot options, there is a line of editable text:
quiet splasht disable=lxF
These are additional boot parameters. The last one (“disable=”) disables some services to use less RAM. If you change that parameter to:
quiet splasht disable=lF
(that is, delete the “x”), then ufw will NOT be disabled; it will run as we expected.(I have deleted the whole “disable=” parameter on my systems, so I forgot about how that disables some services — sorry to make you jump through that “double-checking” hoop, earlier.)
- This reply was modified 2 years, 5 months ago by christophe. Reason: clarification
confirmed antiX frugaler, since 2019
November 15, 2020 at 7:26 am #45029MemberGeoffC
::Oh WOW, that’s awesome – you totally nailed it!!!
Thanks for taking the time to solve my dumb problem π
November 15, 2020 at 7:32 am #45030Moderator
christophe
::I’m glad to help! That’s why we’re here. (And the problem wasn’t dumb.) π
confirmed antiX frugaler, since 2019
November 15, 2020 at 8:23 am #45034MemberGeoffC
::Well, I guess it could be important if people don’t realise their firewall is being disabled by a reboot π
Anyway, thanks again.
November 15, 2020 at 10:26 pm #45108MemberGeoffC
::For the sake of other noobs like me who may read this, I will also add that the other “disable=” parameter “l” (lean) prevents UFW from logging (via rsyslog). So if you want ufw logs remove the “l” (and save the change) or manually restart rsyslog service (each reboot?).
-
AuthorPosts
- You must be logged in to reply to this topic.