Ubuntu – UFW ‘default deny incoming’ doesn’t work

12.04 firewall iptables ufw

I have UFW enabled, 'default deny incoming' set and no additional rules, but I can still access all ports from other PCs.

I have to manually block each port. What can be wrong?

Best Answer

Citing the UFW introduction from Ubuntu Community...

The information below can be used to handle UFW from the terminal using sudo for each command and providing root's password.

How can I enable UFW?

sudo ufw enable

This will enable UFW with default rules.

Note that by default, deny is being applied to incoming.

How can I check UFW's status?

sudo ufw status verbose

How can I check any exceptions in rules? <-- with this you can check what is blocked

sudo ufw show raw

You can also read the rules files in /etc/ufw (the files whose names end with .rules)

Examples:

  • To deny incoming tcp packets on port 53

sudo ufw deny 53/tcp

  • To deny incoming udp packets on port 53 <-- this is what you are looking for

sudo ufw deny 53/udp

  • Delete Existing Rule

To delete a rule, simply prefix the original rule with delete. For example, if the original rule was:

ufw deny 80/tcp

Use this to delete it:

sudo ufw delete deny 80/tcp

Full reference: https://help.ubuntu.com/community/UFW
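
One way to check what the status command above actually reports, as an added example that is not part of the original answer: the function reads the text of sudo ufw status verbose on stdin and flags an inactive firewall, an incoming default other than deny or reject, and any inbound ALLOW rule. The sample status text is constructed and assumes the usual verbose layout; ufw_audit and sample_status are illustrative names.

```shell
#!/bin/sh
# Added example: audit the text printed by `sudo ufw status verbose` (read on stdin).
# Returns 0 only if ufw is active, incoming defaults to deny/reject, and no inbound ALLOW rule exists.
ufw_audit() {
    awk '
        /^Status:/  { status = $2 }
        /^Default:/ {
            # "Default: deny (incoming), allow (outgoing)" -> incoming = "deny"
            for (i = 2; i < NF; i++)
                if ($(i + 1) ~ /^\(incoming\)/) incoming = $i
        }
        {
            # Rule rows look like "<to>  ALLOW IN  <from>"; skip OUT and FWD rules.
            for (i = 2; i <= NF; i++)
                if ($i == "ALLOW" && $(i + 1) != "OUT" && $(i + 1) != "FWD") {
                    allow[++n] = $0
                    break
                }
        }
        END {
            if (status != "active") {
                print "FAIL: ufw is " (status ? status : "unknown") ", rules are not enforced"
                exit 1
            }
            bad = 0
            if (incoming != "deny" && incoming != "reject") {
                print "FAIL: default incoming policy is " (incoming ? incoming : "unknown")
                bad = 1
            }
            for (j = 1; j <= n; j++) { print "OPEN: " allow[j]; bad = 1 }
            if (!bad) print "OK: default " incoming " (incoming), no inbound allow rules"
            exit bad
        }
    '
}
# Constructed sample output, assumed to follow the usual `ufw status verbose` layout.
sample_status() {
    cat <<'EOF'
Status: active
Default: deny (incoming), allow (outgoing)
To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
53                         ALLOW OUT   Anywhere
EOF
}
sample_status | ufw_audit || true   # demo on the sample; live: sudo ufw status verbose | ufw_audit
```

On the constructed sample the function reports the 22/tcp rule as open and ignores the outgoing rule on port 53.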
