Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[Solved] Ufw cannot be enabled on boot
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
reppk
n00b
n00b


Joined: 17 Mar 2016
Posts: 24

PostPosted: Tue Apr 25, 2017 6:10 pm    Post subject: [Solved] Ufw cannot be enabled on boot Reply with quote

Hello, everyone!

I installed ufw as my firewall, but it is always not enabled.
Code:
# systemctl status ufw.service
● ufw.service - Uncomplicated Firewall
   Loaded: loaded (/usr/lib/systemd/system/ufw.service; enabled; vendor preset:
   Active: active (exited) since Wed 2017-04-26 01:22:02 CST; 19min ago
 Main PID: 3739 (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/ufw.service

Apr 26 01:22:02 woodman ufw-init[3739]: Skip starting firewall: ufw (not enabled
Apr 26 01:22:02 woodman systemd[1]: Started Uncomplicated Firewall.


I tried "ufw enable"commend, but it is disabled next time I boot the system.

What's the problem with my ufw setting?


Last edited by reppk on Fri Apr 28, 2017 9:42 am; edited 1 time in total
Back to top
View user's profile Send private message
reppk
n00b
n00b


Joined: 17 Mar 2016
Posts: 24

PostPosted: Tue Apr 25, 2017 6:34 pm    Post subject: Reply with quote

I edited /etc/ufw/ufw.conf:
Code:
# /etc/ufw/ufw.conf
#

# Set to yes to start on boot. If setting this remotely, be sure to add a rule
# to allow your remote connection before starting ufw. Eg: 'ufw allow 22/tcp'
ENABLED=yes

# Please use the 'ufw' command to set the loglevel. Eg: 'ufw logging medium'.
# See 'man ufw' for details.
LOGLEVEL=low


and restart ufw.service. Then, my network goes down:
Code:
● ufw.service - Uncomplicated Firewall
   Loaded: loaded (/usr/lib/systemd/system/ufw.service; enabled; vendor preset:
   Active: failed (Result: exit-code) since Wed 2017-04-26 02:24:14 CST; 46s ago
  Process: 3754 ExecStart=/usr/share/ufw/ufw-init start (code=exited, status=1/F
 Main PID: 3754 (code=exited, status=1/FAILURE)

Apr 26 02:24:14 woodman systemd[1]: ufw.service: Main process exited, code=exite
Apr 26 02:24:14 woodman ufw-init[3754]: iptables-restore: line 31 failed
Apr 26 02:24:14 woodman systemd[1]: Failed to start Uncomplicated Firewall.
Apr 26 02:24:14 woodman ufw-init[3754]: ip6tables-restore: line 27 failed
Apr 26 02:24:14 woodman systemd[1]: ufw.service: Unit entered failed state.
Apr 26 02:24:14 woodman ufw-init[3754]: Problem running '/etc/ufw/before.rules'
Apr 26 02:24:14 woodman ufw-init[3754]: Problem running '/etc/ufw/after.rules'
Apr 26 02:24:14 woodman ufw-init[3754]: Problem running '/etc/ufw/user.rules'
Apr 26 02:24:14 woodman ufw-init[3754]: Problem running '/etc/ufw/user6.rules'
Apr 26 02:24:14 woodman systemd[1]: ufw.service: Failed with result 'exit-code'.


What can I do?
Back to top
View user's profile Send private message
szatox
Veteran
Veteran


Joined: 27 Aug 2013
Posts: 1717

PostPosted: Tue Apr 25, 2017 9:34 pm    Post subject: Reply with quote

Fix syntax* errors in your rules.
Code:
Apr 26 02:24:14 woodman ufw-init[3754]: iptables-restore: line 31 failed
Apr 26 02:24:14 woodman ufw-init[3754]: ip6tables-restore: line 27 failed

It was even kind enough to provide you the line number.


* may be a logical error rather than syntax, though these are less likely to be detected by machines
Back to top
View user's profile Send private message
reppk
n00b
n00b


Joined: 17 Mar 2016
Posts: 24

PostPosted: Fri Apr 28, 2017 9:41 am    Post subject: Reply with quote

Thanks a lot.
It seems that ufw is not well supported in gentoo systemd.
I try to use iptables itself now.
Back to top
View user's profile Send private message
Goverp
l33t
l33t


Joined: 07 Mar 2007
Posts: 639

PostPosted: Sat Apr 29, 2017 9:51 am    Post subject: Reply with quote

ufw problems often result from bits of iptables missing from your kernel configuration. Run "/usr/share/ufw/check-requirements" to see.
_________________
Greybeard
Back to top
View user's profile Send private message
niceflower
Tux's lil' helper
Tux's lil' helper


Joined: 31 Mar 2017
Posts: 76

PostPosted: Tue May 09, 2017 11:14 am    Post subject: Reply with quote

To enable ufw on startup add to default run level
In systemd i noticed that ufw is a bit troublesome
In openrc:
Code:

# ufw enable
# rc-update add ufw default
# ufw service start
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum