UFW (uncomplicated firewall) Start On Boot - Mobian (working)
#1
Hey Ya'll,

Not entirely sure if others are wanting this, but thought I'd share my fix on this workaround if you been trying to get this firewall to start on system startup on mobian (fix will be similar to almost any Distro actually).

This is for anyone that wanted to use the UFW - uncomplicated firewall service vs iptables. 

Useful background knowledge:
https://www.freedesktop.org/wiki/Softwar...orkTarget/

Assuming you have already installed ufw:

edit the /lib/systemd/system/ufw.service
Code:
sudo nano /lib/systemd/system/ufw.service

Comment or delete out any existing BEFORE and/or AFTER lines under [unit] and add the new conditions - should look similar to this:
Code:
[Unit]
Description=Uncomplicated firewall
Documentation=man:ufw(8)
DefaultDependencies=no
#Before=network.target
Before=network-pre.target
Wants=network-pre.target

............

Make sure you write out, save, and exit. What this does is makes sure the firewall starts BEFORE any network configuration. Which is the point of a firewall Smile

Add ufw.service to system startup

Code:
sudo systemctl enable ufw.service

Now also make sure ufw.conf has start on boot enabled (enabling just this without the above had no affect on startup). Edit the ufw.conf

Code:
sudo nano /etc/ufw/ufw.conf

Code:
ENABLED=yes

Write out and save and exit.

Reboot your phone. Once it is rebooted, head to terminal and check the firewall status:

Code:
sudo ufw status


Should be active on startup without having to manually enable it. This fix worked for me, hopefully it works for others - for anyone that also wants to use the ufw
  Reply
#2
(02-28-2021, 01:15 AM)theD0cto Wrote: Should be active on startup without having to manually enable it. This fix worked for me, hopefully it works for others - for anyone that also wants to use the ufw

Could you clarify what "fix" you actually have? (besides adapting the systemd unit to start the firewall potentially a little earlier). I installed ufw with "sudo apt install ufw" enabled it with "sudo ufw enable" and it simply gets run on start. So what was the issue before?
  Reply
#3
(02-28-2021, 05:42 PM)spaetz Wrote:
(02-28-2021, 01:15 AM)theD0cto Wrote: Should be active on startup without having to manually enable it. This fix worked for me, hopefully it works for others - for anyone that also wants to use the ufw

Could you clarify what "fix" you actually have? (besides adapting the systemd unit to start the firewall potentially a little earlier). I installed ufw with "sudo apt install ufw" enabled it with "sudo ufw enable" and it simply gets run on start. So what was the issue before?

"sudo ufw enable" just enables the firewall to be active when you call it. It does not apply to automatically enabling the firewall on system reboot/startup. The ufw.conf was suppose to address this by editing the file to enable it on startup. systemctl enable adds the service to startup, but does not activate the firewall. 

This is meant for:

- Adding ufw services to startup and automatically activating the firewall on system reboot so you do not have to "sudo ufw enable" through terminal anytime you had to reboot your phone.

If you google - ufw does not automatically start up on system reboot, you will see numerous instances of it not automatically starting even after editing the ufw.conf and adding it to startup services via systemctl.

So if you restart your phone, and it displays active after you enter "sudo ufw status"(without entering enable), cool, if not, and you want it to startup automatically and be active whenever you reboot your phone then this applies to you.
  Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  bookworm vs trixie discussion for mobian in pinephone regular. zetabeta 15 1,517 03-25-2024, 09:07 AM
Last Post: anonymous
  cant verify mobian image at website gnugpg penguins_rule 0 70 03-18-2024, 08:54 PM
Last Post: penguins_rule
  Mobile internet via cellular network mostly not working Anna 18 9,727 01-19-2024, 02:59 AM
Last Post: anonymous
Exclamation The internal speaker stops working anonymous 6 814 01-17-2024, 05:53 PM
Last Post: anonymous
  mobian installed to eMMC - how to install tow-boot grump_fiddle_reinstall 6 1,719 11-22-2023, 11:46 AM
Last Post: aLoop100o
  Errors when start the system kubussz 2 465 11-21-2023, 11:07 AM
Last Post: kubussz
  Auto start application on Phosh login Zebulon Walton 8 3,107 10-14-2023, 06:29 AM
Last Post: alaraajavamma
  How to check if tow-boot is installed? jojuma 3 808 09-29-2023, 11:29 PM
Last Post: tllim
  What actions needed to keep on mobian testing user641 3 1,691 09-05-2023, 06:44 AM
Last Post: Zebulon Walton
  Mobian boot failed with zstd message after upgrade. Mahgue 0 582 09-01-2023, 11:29 AM
Last Post: Mahgue

Forum Jump:


Users browsing this thread: 1 Guest(s)