UFW (uncomplicated firewall) Start On Boot - Mobian (working)
#1
Hey Ya'll,

Not entirely sure if others are wanting this, but thought I'd share my fix on this workaround if you been trying to get this firewall to start on system startup on mobian (fix will be similar to almost any Distro actually).

This is for anyone that wanted to use the UFW - uncomplicated firewall service vs iptables. 

Useful background knowledge:
https://www.freedesktop.org/wiki/Softwar...orkTarget/

Assuming you have already installed ufw:

edit the /lib/systemd/system/ufw.service
Code:
sudo nano /lib/systemd/system/ufw.service

Comment or delete out any existing BEFORE and/or AFTER lines under [unit] and add the new conditions - should look similar to this:
Code:
[Unit]
Description=Uncomplicated firewall
Documentation=man:ufw(8)
DefaultDependencies=no
#Before=network.target
Before=network-pre.target
Wants=network-pre.target

............

Make sure you write out, save, and exit. What this does is makes sure the firewall starts BEFORE any network configuration. Which is the point of a firewall Smile

Add ufw.service to system startup

Code:
sudo systemctl enable ufw.service

Now also make sure ufw.conf has start on boot enabled (enabling just this without the above had no affect on startup). Edit the ufw.conf

Code:
sudo nano /etc/ufw/ufw.conf

Code:
ENABLED=yes

Write out and save and exit.

Reboot your phone. Once it is rebooted, head to terminal and check the firewall status:

Code:
sudo ufw status


Should be active on startup without having to manually enable it. This fix worked for me, hopefully it works for others - for anyone that also wants to use the ufw
  Reply
#2
(02-28-2021, 01:15 AM)theD0cto Wrote: Should be active on startup without having to manually enable it. This fix worked for me, hopefully it works for others - for anyone that also wants to use the ufw

Could you clarify what "fix" you actually have? (besides adapting the systemd unit to start the firewall potentially a little earlier). I installed ufw with "sudo apt install ufw" enabled it with "sudo ufw enable" and it simply gets run on start. So what was the issue before?
  Reply
#3
(02-28-2021, 05:42 PM)spaetz Wrote:
(02-28-2021, 01:15 AM)theD0cto Wrote: Should be active on startup without having to manually enable it. This fix worked for me, hopefully it works for others - for anyone that also wants to use the ufw

Could you clarify what "fix" you actually have? (besides adapting the systemd unit to start the firewall potentially a little earlier). I installed ufw with "sudo apt install ufw" enabled it with "sudo ufw enable" and it simply gets run on start. So what was the issue before?

"sudo ufw enable" just enables the firewall to be active when you call it. It does not apply to automatically enabling the firewall on system reboot/startup. The ufw.conf was suppose to address this by editing the file to enable it on startup. systemctl enable adds the service to startup, but does not activate the firewall. 

This is meant for:

- Adding ufw services to startup and automatically activating the firewall on system reboot so you do not have to "sudo ufw enable" through terminal anytime you had to reboot your phone.

If you google - ufw does not automatically start up on system reboot, you will see numerous instances of it not automatically starting even after editing the ufw.conf and adding it to startup services via systemctl.

So if you restart your phone, and it displays active after you enter "sudo ufw status"(without entering enable), cool, if not, and you want it to startup automatically and be active whenever you reboot your phone then this applies to you.
  Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Reboot Modem on Pinephone in Mobian eggmatters 5 444 10 hours ago
Last Post: eggmatters
  Axolotl on PinePhone / Mobian arno_nuehm 93 21,548 06-11-2021, 07:16 AM
Last Post: ergo owl
  Mobian not updating via Software app FOSSagent0 2 203 06-07-2021, 09:22 PM
Last Post: Zebulon Walton
  mobile data on mobian not working synaption 1 156 06-02-2021, 03:16 PM
Last Post: Aberts10
  How do you copy and paste into mobian terminal? Do you ssh instead? temp0rary 6 268 06-01-2021, 12:16 PM
Last Post: temp0rary
  Always-On VPN issues at boot. Need to manually activate it.. What did i miss.. temp0rary 0 106 05-31-2021, 10:35 AM
Last Post: temp0rary
  Turn by Turn alternative GPS app in Mobian livanti21 27 12,130 05-30-2021, 03:17 AM
Last Post: john_doe
  can't get file transfer working. Help, please! quixote 25 1,540 05-28-2021, 06:53 PM
Last Post: Rainer
  Can't update OS Mobian Phosh Gon 5 439 05-23-2021, 10:52 PM
Last Post: pajux
  Mobian: 2 week as main phone steves 10 1,447 05-18-2021, 11:55 AM
Last Post: vortex

Forum Jump:


Users browsing this thread: 1 Guest(s)