What ufw allows/denies by default?
Posted by mgibsonbr on Ask Ubuntu
Published on 2012-11-13T04:50:25Z
I was accessing a server running Ubuntu 12.04 Server using SSH and managed to lock myself out of it. I'm still wondering how that happened:
- The firewall was enabled by default; sudo ufw status did not show any rules (but I could SSH to the server normally);
- I tried explicitly allowing ports 80 and 443 using the commands:

      sudo ufw allow 80
      sudo ufw allow 443

- sudo ufw status now showed something like:

      Status: active

      To                         Action      From
      --                         ------      ----
      80                         ALLOW       Anywhere
      80                         ALLOW       Anywhere (v6)
      443                        ALLOW       Anywhere
      443                        ALLOW       Anywhere (v6)

  (Recalling from memory and seeing some examples; I can't access the server to see the exact output, so I might be mistaken)

- After logging out of SSH, now I can't log in anymore (connection timeout).
What just happened? There were no DENY rules previously (AFAIK), nor did I introduce any. How could SSH be previously available and now it's not? Does ufw (or more precisely iptables) allow everything by default, unless you explicitly allow something, then it denies everything by default? Or did I do something wrong, that broke the existing rules somehow?