UFW (uncomplicated firewall) Start On Boot - Mobian (working)

[theD0ctor]

Hey Ya'll,

Not entirely sure if others are wanting this, but thought I'd share my fix on this workaround if you been trying to get this firewall to start on system startup on mobian (fix will be similar to almost any Distro actually).

This is for anyone that wanted to use the UFW - uncomplicated firewall service vs iptables. 

Useful background knowledge:
https://www.freedesktop.org/wiki/Softwar...orkTarget/

Assuming you have already installed ufw:

edit the /lib/systemd/system/ufw.service

Code:

sudo nano /lib/systemd/system/ufw.service

Comment or delete out any existing BEFORE and/or AFTER lines under [unit] and add the new conditions - should look similar to this:

Code:

[Unit]
Description=Uncomplicated firewall
Documentation=man:ufw(8)
DefaultDependencies=no
#Before=network.target
Before=network-pre.target
Wants=network-pre.target

............

Make sure you write out, save, and exit. What this does is makes sure the firewall starts BEFORE any network configuration. Which is the point of a firewall

Add ufw.service to system startup

Code:

sudo systemctl enable ufw.service

Now also make sure ufw.conf has start on boot enabled (enabling just this without the above had no affect on startup). Edit the ufw.conf

Code:

sudo nano /etc/ufw/ufw.conf

Code:

ENABLED=yes

Write out and save and exit.

Reboot your phone. Once it is rebooted, head to terminal and check the firewall status:

Code:

sudo ufw status

Should be active on startup without having to manually enable it. This fix worked for me, hopefully it works for others - for anyone that also wants to use the ufw

[spaetz]

Should be active on startup without having to manually enable it. This fix worked for me, hopefully it works for others - for anyone that also wants to use the ufw

Could you clarify what "fix" you actually have? (besides adapting the systemd unit to start the firewall potentially a little earlier). I installed ufw with "sudo apt install ufw" enabled it with "sudo ufw enable" and it simply gets run on start. So what was the issue before?

[theD0ctor]

Should be active on startup without having to manually enable it. This fix worked for me, hopefully it works for others - for anyone that also wants to use the ufw

Could you clarify what "fix" you actually have? (besides adapting the systemd unit to start the firewall potentially a little earlier). I installed ufw with "sudo apt install ufw" enabled it with "sudo ufw enable" and it simply gets run on start. So what was the issue before?

"sudo ufw enable" just enables the firewall to be active when you call it. It does not apply to automatically enabling the firewall on system reboot/startup. The ufw.conf was suppose to address this by editing the file to enable it on startup. systemctl enable adds the service to startup, but does not activate the firewall. 

This is meant for:

- Adding ufw services to startup and automatically activating the firewall on system reboot so you do not have to "sudo ufw enable" through terminal anytime you had to reboot your phone.

If you google - ufw does not automatically start up on system reboot, you will see numerous instances of it not automatically starting even after editing the ufw.conf and adding it to startup services via systemctl.

So if you restart your phone, and it displays active after you enter "sudo ufw status"(without entering enable), cool, if not, and you want it to startup automatically and be active whenever you reboot your phone then this applies to you.