Comments on: Firewall Ubuntu GUFW http://blog.bodhizazen.net/linux/firewall-ubuntu-gufw/ A LAMP in the Samsara Thu, 11 Mar 2010 21:41:45 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Tridgell http://blog.bodhizazen.net/linux/firewall-ubuntu-gufw/comment-page-1/#comment-1464 Tridgell Fri, 29 Jan 2010 06:24:12 +0000 http://blog.bodhizazen.net/?p=842#comment-1464 Cool! I think it is much better now after you clarified Cool! I think it is much better now after you clarified

]]> By: bodhi.zazen http://blog.bodhizazen.net/linux/firewall-ubuntu-gufw/comment-page-1/#comment-1463 bodhi.zazen Thu, 28 Jan 2010 22:07:17 +0000 http://blog.bodhizazen.net/?p=842#comment-1463 Tridgell: Sorry for the confusion. On my ufw/gufw blogs I am referring to "default deny" and the big "Deny" button. These settings set the default policy and as such are not rules in a chain. They are the same as "sudo iptables -P INPUT DROP" The default policy basically tells iptables what to do with a packet that does not match any rules. This is related, but not the same as the order of rules within a chain. Hope that clarifies things for you, if not, stop ufw and open a terminal. Look at teh output and effect of these commands : sudo iptables -L -v sudo iptables -P INPUT DROP sudo iptables -L -v sudo iptables -P INPUT ACCEPT sudo iptables -L -v Tridgell: Sorry for the confusion.

On my ufw/gufw blogs I am referring to “default deny” and the big “Deny” button.

These settings set the default policy and as such are not rules in a chain.

They are the same as “sudo iptables -P INPUT DROP”

The default policy basically tells iptables what to do with a packet that does not match any rules.

This is related, but not the same as the order of rules within a chain.

Hope that clarifies things for you, if not, stop ufw and open a terminal. Look at teh output and effect of these commands :

sudo iptables -L -v
sudo iptables -P INPUT DROP
sudo iptables -L -v
sudo iptables -P INPUT ACCEPT
sudo iptables -L -v

]]> By: Tridgell http://blog.bodhizazen.net/linux/firewall-ubuntu-gufw/comment-page-1/#comment-1459 Tridgell Thu, 28 Jan 2010 07:42:04 +0000 http://blog.bodhizazen.net/?p=842#comment-1459 You say ordering of rules is important and so deny first and then allow. Shouldn't it be other way round. First allow then deny. So if someone checks rules in the order, allow rules come before deny rules and it does what you expect it to do. Or am I missing anything You say ordering of rules is important and so deny first and then allow. Shouldn’t it be other way round. First allow then deny. So if someone checks rules in the order, allow rules come before deny rules and it does what you expect it to do. Or am I missing anything

]]> By: bodhi.zazen http://blog.bodhizazen.net/linux/firewall-ubuntu-gufw/comment-page-1/#comment-1448 bodhi.zazen Wed, 13 Jan 2010 21:27:25 +0000 http://blog.bodhizazen.net/?p=842#comment-1448 Thank your for your kind words, glad you are headed in the right direction. I am sure you will be teaching the rest of us in short order. Thank your for your kind words, glad you are headed in the right direction. I am sure you will be teaching the rest of us in short order.

]]> By: Ronnie aka running_rabbit07 http://blog.bodhizazen.net/linux/firewall-ubuntu-gufw/comment-page-1/#comment-1446 Ronnie aka running_rabbit07 Wed, 13 Jan 2010 02:00:37 +0000 http://blog.bodhizazen.net/?p=842#comment-1446 This is a great tutorial and I have added it to my UF sig. I am currently studying for my AS (I do plan to move to higher levels, but gotta start somewhere.) in Networking Security. Reading your threads on the forums and your blogs is sure to help make me a better network engineer. Thanks, Ronnie This is a great tutorial and I have added it to my UF sig. I am currently studying for my AS (I do plan to move to higher levels, but gotta start somewhere.) in Networking Security. Reading your threads on the forums and your blogs is sure to help make me a better network engineer.

Thanks,
Ronnie

]]> By: bodhi.zazen http://blog.bodhizazen.net/linux/firewall-ubuntu-gufw/comment-page-1/#comment-1367 bodhi.zazen Thu, 10 Dec 2009 15:49:39 +0000 http://blog.bodhizazen.net/?p=842#comment-1367 Glad it helped. I enjoy your blog by the way =) Glad it helped. I enjoy your blog by the way =)

]]> By: Nigel Babu http://blog.bodhizazen.net/linux/firewall-ubuntu-gufw/comment-page-1/#comment-1366 Nigel Babu Thu, 10 Dec 2009 07:22:37 +0000 http://blog.bodhizazen.net/?p=842#comment-1366 I was wondering how I configured GUFW after installing it from day 1 of Karmic. Now I got a decent how-to :) I was wondering how I configured GUFW after installing it from day 1 of Karmic. Now I got a decent how-to :)

]]> By: Destillat KW48-2009 | duetsch.info - GNU/Linux, Open Source, Softwareentwicklung, Selbstmanagement, Vim ... http://blog.bodhizazen.net/linux/firewall-ubuntu-gufw/comment-page-1/#comment-1323 Destillat KW48-2009 | duetsch.info - GNU/Linux, Open Source, Softwareentwicklung, Selbstmanagement, Vim ... Fri, 27 Nov 2009 09:35:37 +0000 http://blog.bodhizazen.net/?p=842#comment-1323 [...] Firewall Ubuntu GUFW [...] [...] Firewall Ubuntu GUFW [...]

]]> By: bodhi.zazen http://blog.bodhizazen.net/linux/firewall-ubuntu-gufw/comment-page-1/#comment-1316 bodhi.zazen Wed, 25 Nov 2009 14:23:38 +0000 http://blog.bodhizazen.net/?p=842#comment-1316 GUFW is an acronym for Graphical Uncomplicated FireWall So the name is not bad, just long ;) GUFW is an acronym for Graphical Uncomplicated FireWall

So the name is not bad, just long ;)

]]> By: Fabian Rodriguez http://blog.bodhizazen.net/linux/firewall-ubuntu-gufw/comment-page-1/#comment-1315 Fabian Rodriguez Wed, 25 Nov 2009 13:35:02 +0000 http://blog.bodhizazen.net/?p=842#comment-1315 GUFW ? It's unfortunate such nice application's names are impossible to pronounce and difficult to spell in all three languages I speak. There must be some way to come up with better names! :( GUFW ?

It’s unfortunate such nice application’s names are impossible to pronounce and difficult to spell in all three languages I speak.

There must be some way to come up with better names! :(

]]>