Ufw Error: Problem Running
Currently i have a server running Ubuntu 14.04 on a LEMP stack, i was trying to enable UFW following this.But after i run. sudo ufw allow ssh.I'm getting the following error:ERROR: initcapsErrno 2 modprobe: ERROR:./libkmod/libkmod.c:556 kmod searchmoddep could not open moddep file '/lib/modules/3.13.0-36-generic/modules.dep.bin'ip6tables v1.4.21: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)Perhaps ip6tables or your kernel needs to be upgraded.Any ideas?
UFW or Uncomplicated Firewall is an application to manage an iptables based firewall on Ubuntu. UFW is the default firewall configuration tool for Ubuntu Linux and provides a user-friendly way to configure the firewall, the UFW command is just like English language so the commands are easy to remember.
Install UFW FirewallThe Internet, as the biggest computer network is not always fill with good people. In order to make sure our computers / servers are safe, we need to protect it.One of the must have component on your computer / servers is Firewall. From Wikipedia, a definition is:In computing, a firewall is a software or hardware-based network security system that controls the incoming and outgoing network traffic by analysing the data packets and determining whether they should be allowed through or not, based on applied rule set.Iptables is one of the firewall that widely used by servers. It is a program used to manage incoming and outgoing traffic in the server based on a set of rules. Generally, only trusted connection is allowed to enter the server. But IPTables is running at console mode and it’s complicated. Those who’re familiar with iptables rules and commands, they can read the following article that describes how to use iptables firewall.Installation of UFW Firewall in Debian/UbuntuTo reduce the complexity of how-to setting IPTables, there is a lot of fronted.
If you’re running Ubuntu Linux, you will find ufw as a default firewall tool. Lets start to explore about ufw firewall. What is ufwThe ufw ( Uncomplicated Firewall) is an frontend for most widely used iptables firewall and it is well comfortable for host-based firewalls.
Ufw gives a framework for managing netfilter, as well as provides a command-line interface for controlling the firewall. It provides user friendly and easy to use interface for Linux newbies who are not much familiar with firewall concepts.While, on the other side same complicated commands helps administrators it set complicated rules using command line interface.
The ufw is an upstream for other distributions such as Debian, Ubuntu and Linux Mint. Basic Usage ufwFirst, check if ufw is installed using following command. $ sudo dpkg -get-selections grep ufwufw installIf it’s not installed, you can install it using apt command as shown below. $ sudo apt-get install ufwBefore you use, you should check whether ufw is running or not. Use the following command to check it. $ sudo ufw statusIf you found Status: inactive, it mean it’s not active or disable.NEW!
An indispensable ebook for every Linux administrator! Enabling / Disabling ufwTo enable it, you just need to type the following command at the terminal. $ sudo ufw enableFirewall is active and enabled on system startupTo disable it, just type. $ sudo ufw disable List the current ufw rulesAfter the firewall is activated you can add your rules into it.
If you want to see what are the default rules, you can type. $ sudo ufw status verbose Sample Output Status: activeLogging: on (low)Default: deny (incoming), allow (outgoing)New profiles: skip$ How to Add ufw rulesAs you see, by default every incoming connection is denied.
If you want to remote your machine then you have to allow proper port. For example you want to allow ssh connection. Here’s the command to allow it. Allow Access $ sudo ufw allow sshsudo password for pungki:Rule addedRule added (v6)$If you check the status again, you will see an output like this. $ sudo ufw statusTo Action From-22 ALLOW Anywhere22 ALLOW Anywhere (v6)If you have a lot of rules, and want to put numbers on every rules on the fly, use parameter numbered. $ sudo ufw status numberedTo Action From-1 22 ALLOW Anywhere2 22 ALLOW Anywhere (v6)The first rule says that incoming connection to port 22 from Anywhere, both tcp or udp packets is allowed. What if you want to allow tcp packet only?
Then you can add the parameter tcp after the port number. Here’s an example with sample output. $ sudo ufw allow ssh/tcpTo Action From-22/tcp ALLOW Anywhere22/tcp ALLOW Anywhere (v6) Deny AccessThe same tricks is applied to Deny rule. Let say you want to deny ftp rule.
So you only have to type. $ sudo ufw deny ftpTo Action From-21/tcp DENY Anywhere21/tcp DENY Anywhere (v6) Adding Specific PortSometimes we have a custom port which is not follow any standards.
Let’s say we change the ssh port on our machine from 22, into 2290. Then to allow port 2290, we can add it like this. $ sudo ufw allowTo Action From-2290 ALLOW Anywhere2290 ALLOW Anywhere (v6)It also possible for you to add port-range into the rule. If we want to open port from 2290 – 2300 with tcp protocol, then the command will be like this. $ sudo ufw allow 2290:2300/tcpTo Action From-2290:2300/tcp ALLOW Anywhere2290:2300/tcp ALLOW Anywhere (v6)while if you want to use udp, just use the following command. $ sudo ufw allow 2290:2300/udpTo Action From-2290:2300/udp ALLOW Anywhere2290:2300/udp ALLOW Anywhere (v6)Please remember that you have to put ‘ tcp’ or ‘ udp’ explicitly otherwise you will get an error message similar to below.
ERROR: Must specify ‘tcp’ or ‘udp’ with multiple ports Adding Specific IPPreviously we have added rules based on service or port. Ufw also allow you to add rules based on IP Address. Here’s the sample command. $ sudo ufw allow from 192.168.0.104You can also use a subnet mask to wider the range.
$ sudo ufw allow form 192.168.0.0/24To Action From-AnywhereALLOW 192.168.0.104AnywhereALLOW 192.168.0.0/24As you can see, from parameter will only limit the source of connection. While the destination – which is represented by To column – is Anywhere. You can also manage the destination using ‘ To‘ parameter. Let’s see the sample to allow access to port 22 ( ssh). $ sudo ufw allow to any port 22The above command will allow access from anywhere and from any protocol to port 22. Combining ParametersFor more specific rules, you can also combining IP Address, protocol and port.
Let’s say we want to create rule that limit the connection only from IP 192.168.0.104, only protocol tcp and to port 22. Then the command will be like below. $ sudo ufw allow from 192.168.0.104 proto tcp to any port 22Syntax to create deny rule is similar with allow rule. You only need to change parameter from allow to deny.
Deleting RulesSometime you may need to delete your existing rule. Once again with ufw it is easy to delete rules. From above sample, you have a rule below and you want to delete it. To Action From-22/tcp ALLOW 192.168.0.10421/tcp ALLOW Anywhere21/tcp ALLOW Anywhere (v6)There are two methods of deleting rules.
Method 1The below command will delete rules that match service ftp. So the 21/ tcp which mean ftp port will be deleted. $ sudo ufw delete allow ftp Method 2But when you tried to delete the first rule at the above example using below command. $ sudo ufw delete allow sshOr$ sudo ufw delete allow 22/tcpYou may find an error message such as. Could not delete non-existent ruleCould not delete non-existent rule (v6)Then you can do this trick. As we mentioned above, you can show the number of rule to indicate which rule that we want to delete. Let we show it to you.
$ sudo ufw status numberedTo Action From-1 22/tcp ALLOW 192.168.0.1042 21/tcp ALLOW Anywhere3 21/tcp ALLOW Anywhere (v6)Then you can delete the first rule using. Press “ y” will permanently delete the rule. $ sudo ufw delete 1Deleting:Allow from 192.168.0.104 to any port 22 proto tcpProceed with operation (y n)? YFrom those methods you will see the difference. Method 2 will ask user confirmation before deleting the rule while method 1 is not. How to Reset RulesIn some situation, you may want to delete / reset all rules.
Ufw Error: Problem Running Boards
You can do it by typing. $ sudo ufw resetResetting all rules to installed defaults. Proceed with operation (y n)? YIf you press “ y”, then ufw will backup all existing rules before doing the reset your ufw. Resetting the rules will also disable your firewall.
You need to enabled it again if you want to use it. Advanced FunctionalityAs I stated above, the ufw firewall can able to do whatever that iptables can do. This is accomplished by using various sets of rules files, which are nothing more than iptables-restore appropriate text files.