opensuse 13.1 firewall disable on boot
I have used GUFW for over a year now on Ubuntu without any problems to say the least. I added the latest version of GUFW to opensuse and even in root it shows it's inactive until I activate it. Is there a way to have it load automatically in opensuse like it does on Ubuntu?
sam@linux-8v0b:~> sudo -i
root's password:
linux-8v0b:~ # ufw status
Status: inactive
linux-8v0b:~ # ufw enable
Firewall is active and enabled on system startup
linux-8v0b:~ #
Thanks
Question information
- Language:
- English Edit question
- Status:
- Answered
- For:
- ufw Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Revision history for this message
|
#1 |
Hi! :) which gufw version are you using? Best regards!
Revision history for this message
|
#3 |
Uhm, gufw is showing the firewall disabled and ufw is enabled?
Revision history for this message
|
#4 |
All disable until I enable. Here is more info from root.
sam@linux-8v0b:~> sudo -i
root's password:
linux-8v0b:~ # ufw status
Status: inactive
linux-8v0b:~ # iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
linux-8v0b:~ # ufw enable
Firewall is active and enabled on system startup
linux-8v0b:~ # ufw status
Status: active
To Action From
-- ------ ----
80/tcp ALLOW OUT Anywhere
443/tcp ALLOW OUT Anywhere
25/tcp ALLOW OUT Anywhere
110/tcp ALLOW OUT Anywhere
143/tcp ALLOW OUT Anywhere
67/udp ALLOW OUT Anywhere
68/udp ALLOW OUT Anywhere
123/udp ALLOW OUT Anywhere
53 ALLOW OUT Anywhere
631 ALLOW OUT Anywhere
515 ALLOW OUT Anywhere
1194 ALLOW OUT Anywhere
linux-8v0b:~ # iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ufw-before-
ufw-before-input all -- anywhere anywhere
ufw-after-input all -- anywhere anywhere
ufw-after-
ufw-reject-input all -- anywhere anywhere
ufw-track-input all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ufw-before-
ufw-before-forward all -- anywhere anywhere
ufw-after-forward all -- anywhere anywhere
ufw-after-
ufw-reject-forward all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ufw-before-
ufw-before-output all -- anywhere anywhere
ufw-after-output all -- anywhere anywhere
ufw-after-
ufw-reject-output all -- anywhere anywhere
ufw-track-output all -- anywhere anywhere
Chain ufw-after-forward (1 references)
target prot opt source destination
Chain ufw-after-input (1 references)
target prot opt source destination
ufw-skip-
ufw-skip-
ufw-skip-
ufw-skip-
ufw-skip-
ufw-skip-
ufw-skip-
Chain ufw-after-
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
Chain ufw-after-
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
Chain ufw-after-
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
Chain ufw-after-output (1 references)
target prot opt source destination
Chain ufw-before-forward (1 references)
target prot opt source destination
ufw-user-forward all -- anywhere anywhere
Chain ufw-before-input (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ufw-logging-deny all -- anywhere anywhere state INVALID
DROP all -- anywhere anywhere state INVALID
ACCEPT icmp -- anywhere anywhere icmp destination-
ACCEPT icmp -- anywhere anywhere icmp source-quench
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT udp -- anywhere anywhere udp spt:bootps dpt:bootpc
ufw-not-local all -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere 239.255.255.250 udp dpt:ssdp
ufw-user-input all -- anywhere anywhere
Chain ufw-before-
target prot opt source destination
Chain ufw-before-
target prot opt source destination
Chain ufw-before-
target prot opt source destination
Chain ufw-before-output (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ufw-user-output all -- anywhere anywhere
Chain ufw-logging-allow (0 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] "
Chain ufw-logging-deny (2 references)
target prot opt source destination
RETURN all -- anywhere anywhere state INVALID limit: avg 3/min burst 10
LOG all -- anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
Chain ufw-not-local (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere ADDRTYPE match dst-type LOCAL
RETURN all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST
RETURN all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
ufw-logging-deny all -- anywhere anywhere limit: avg 3/min burst 10
DROP all -- anywhere anywhere
Chain ufw-reject-forward (1 references)
target prot opt source destination
Chain ufw-reject-input (1 references)
target prot opt source destination
Chain ufw-reject-output (1 references)
target prot opt source destination
Chain ufw-skip-
target prot opt source destination
DROP all -- anywhere anywhere
Chain ufw-skip-
target prot opt source destination
DROP all -- anywhere anywhere
Chain ufw-skip-
target prot opt source destination
DROP all -- anywhere anywhere
Chain ufw-track-input (1 references)
target prot opt source destination
Chain ufw-track-output (1 references)
target prot opt source destination
Chain ufw-user-forward (1 references)
target prot opt source destination
Chain ufw-user-input (1 references)
target prot opt source destination
Chain ufw-user-limit (0 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix "[UFW LIMIT BLOCK] "
REJECT all -- anywhere anywhere reject-with icmp-port-
Chain ufw-user-
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain ufw-user-
target prot opt source destination
Chain ufw-user-
target prot opt source destination
Chain ufw-user-
target prot opt source destination
Chain ufw-user-output (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:imap
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT udp -- anywhere anywhere udp dpt:bootpc
ACCEPT udp -- anywhere anywhere udp dpt:ntp
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp dpt:printer
ACCEPT udp -- anywhere anywhere udp dpt:printer
ACCEPT tcp -- anywhere anywhere tcp dpt:openvpn
ACCEPT udp -- anywhere anywhere udp dpt:openvpn
linux-8v0b:~ #
Thanks
Revision history for this message
|
#5 |
Hi Sam! :) I'm so sorry, but I don't see the problem yet :$
Is ufw always disabled in the operating system at the startup? Is that the problem?
Best regards :)
Revision history for this message
|
#6 |
Yes ufw is disabled on start up. I check in root if my rules are active and they are not. I load enable ufw and check in root for my rules and they are there. I now have gufw load on start up and I enable, then activate. My above post is clear that ufw is not loading as you can see there is not rules until I enable ufw. Please follow the out put from terminal above and you will see each command I had to type to activate ufw.
Thanks
Revision history for this message
|
#7 |
Hi Jamie! please, Could you give Sam any solution? Thanks in advance!
Revision history for this message
|
#8 |
Thanks costales, I will be looking forward to Jamie advice. :)
Can you help with this problem?
Provide an answer of your own, or ask Sam for more information if necessary.