What ufw allows/denies by default?

Posted by mgibsonbr on Ask Ubuntu See other posts from Ask Ubuntu or by mgibsonbr
Published on 2012-11-13T04:50:25Z Indexed on 2012/11/13 5:15 UTC
Read the original article Hit count: 331

Filed under:
|
|
|

I was accessing a server running Ubuntu 12.04 Server using SSH and managed to lock myself out of it. I'm still wondering how that happened:

  1. The firewall was enabled by default;
  2. sudo ufw status did not show any rules (but I could SSH to the server normally);
  3. I tried explicitly allowing ports 80 and 443 using the commands:

    sudo ufw allow 80
    sudo ufw allow 443
    
  4. sudo ufw status now showed something like:

    Status: active
    
    To                         Action      From
    --                         ------      ----
    80                         ALLOW       Anywhere
    80                         ALLOW       Anywhere (v6)
    443                        ALLOW       Anywhere
    443                        ALLOW       Anywhere (v6)
    

    (Recalling from memory and seeing some examples; I can't access the server to see the exact output, so I might be mistaken)

  5. After logging out of SSH, now I can't log in anymore (connection timeout).

What just happened? There were no DENY rules previously (AFAIK), neither I introduced any. How could SSH be previously available and now it's not? Does ufw (or more precisely iptables) allow everything by default, unless you explicitly allow something, then it denies everything by default? Or did I do something wrong, that broke the existing rules somehow?

© Ask Ubuntu or respective owner

Related posts about 12.04

Related posts about server