[SOLVED] Ufw is not working as intented.

RounakDutta · 2024-05-28 10:27:59

I am using arch on my desktop which is connected to my private (personal) network. I decided to harden my UFW rules, so I changed the default incoming and outgoing policy to "deny". Then I created the following rules :-

[rounak@bruh ~]$  sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
Anywhere                   ALLOW       192.168.0.0/24

Anywhere                   ALLOW OUT   DNS                        
Anywhere                   ALLOW OUT   WWW Full                   
Anywhere                   ALLOW OUT   WWW                        
Anywhere                   ALLOW OUT   WWW Secure                 
Anywhere (v6)              ALLOW OUT   DNS (v6)                   
Anywhere (v6)              ALLOW OUT   WWW Full (v6)              
Anywhere (v6)              ALLOW OUT   WWW (v6)                   
Anywhere (v6)              ALLOW OUT   WWW Secure (v6)            

[rounak@bruh ~]$

After adding the following rules, my web browser (firefox) is still not working for some reason. I can't visit any websites. Where did I go wrong ?

My goal is to block all connections by default, and then I will whitelist the necessary components required for my arch to function properly.

EDIT: Tried to ping a website and it didn't work .

Last edited by RounakDutta (2024-05-28 22:15:05)

-thc · 2024-05-28 11:40:00

"WWW Full" = "WWW" + "WWW Secure" - you only need "WWW Full".

You somehow manged to create rules that work the wrong (to/from) way around.

Try

ufw allow OUT DNS
ufw allow OUT 'WWW Full'

The resulting ruleset table should read as

     To                         Action      From
     --                         ------      ----
[ 1] DNS                        ALLOW OUT   Anywhere                   (out)
[ 2] WWW Full                   ALLOW OUT   Anywhere                   (out)
[ 3] DNS (v6)                   ALLOW OUT   Anywhere (v6)              (out)
[ 4] WWW Full (v6)              ALLOW OUT   Anywhere (v6)              (out)

RounakDutta · 2024-05-28 22:14:46

Thanks a lot for the help . This is the consequence of me not reading "man ufw" and ufw docs properly. Thanks for the help and I will make sure to read the docs thoroughly before making a post to the forums.

Marking the post as solved.

Last edited by RounakDutta (2024-05-28 22:16:52)

Arch Linux

#1 2024-05-28 10:27:59

[SOLVED] Ufw is not working as intented.

#2 2024-05-28 11:40:00

Re: [SOLVED] Ufw is not working as intented.

#3 2024-05-28 22:14:46

Re: [SOLVED] Ufw is not working as intented.

Board footer