Comments on: Firewall Ubuntu GUFW

By: bodhi.zazen

bodhi.zazen — Mon, 06 Jun 2011 03:08:55 +0000

@Brian – They are slowly adding features to ufw / gufw. Submit a feature request on Launchpad.

By: Brian

Brian — Sun, 05 Jun 2011 04:13:37 +0000

Thanks for a great into to this program.
Hope they add more features to it like “limit ssh/tcp” and other cli commands..

By: bodhi.zazen

bodhi.zazen — Mon, 21 Mar 2011 15:55:00 +0000

@Harish:

gufw is in the repositories (universe), check your repositories.

http://packages.ubuntu.com/cgi-bin/search_packages.pl?keywords=gufw&searchon=name&subword=1&version=all&release=all

gufw is a graphical application, so it will not run without X.

By: Harish

Harish — Sat, 19 Mar 2011 08:49:46 +0000

While installing gufw i’m getting following errors, for the two respective commands listed for gufw installation…Plz help me…

E: Some index files failed to download, they have been ignored, or old ones used instead.

E: Unable to locate package gufw

By: Juegos

Juegos — Wed, 28 Apr 2010 23:41:01 +0000

It works :-) what I miss is a desktop icon. Thanks for writing this post.

By: Duane

Duane — Thu, 18 Mar 2010 00:56:58 +0000

Thanks for your exceptionally informative information on GUFW. Also, your postings in the Ubuntu Forums were extremely helpful. Thanks!

By: Tridgell

Tridgell — Fri, 29 Jan 2010 06:24:12 +0000

Cool! I think it is much better now after you clarified

By: bodhi.zazen

bodhi.zazen — Thu, 28 Jan 2010 22:07:17 +0000

Tridgell: Sorry for the confusion.

On my ufw/gufw blogs I am referring to “default deny” and the big “Deny” button.

These settings set the default policy and as such are not rules in a chain.

They are the same as “sudo iptables -P INPUT DROP”

The default policy basically tells iptables what to do with a packet that does not match any rules.

This is related, but not the same as the order of rules within a chain.

Hope that clarifies things for you, if not, stop ufw and open a terminal. Look at teh output and effect of these commands :

sudo iptables -L -v
sudo iptables -P INPUT DROP
sudo iptables -L -v
sudo iptables -P INPUT ACCEPT
sudo iptables -L -v

By: Tridgell

Tridgell — Thu, 28 Jan 2010 07:42:04 +0000

You say ordering of rules is important and so deny first and then allow. Shouldn’t it be other way round. First allow then deny. So if someone checks rules in the order, allow rules come before deny rules and it does what you expect it to do. Or am I missing anything

By: bodhi.zazen

bodhi.zazen — Wed, 13 Jan 2010 21:27:25 +0000

Thank your for your kind words, glad you are headed in the right direction. I am sure you will be teaching the rest of us in short order.