sudo systemctl enable --now ufw.service
[pal@endeavour ~]$ sudo systemctl status ufw
ufw.service - CLI Netfilter Manager
Loaded: loaded (/usr/lib/systemd/system/ufw.service; enabled; preset: disabled)
Active: active (exited) since Wed 2024-04-17 17:20:17 EEST; 10min ago
Main PID: 335 (code=exited, status=0/SUCCESS)
CPU: 111ms
We ship with firewalld. Did you uninstall that?
Also, should check the status of ufw via the the ufw command.
Also you need to start ufw with
ufw enable
2 Likes
The instructions say that you need to disable iptables. I did it
and
sudo systemctl status firewalld
[sudo] password for pal:
Unit firewalld.service could not be found.
[pal@endeavour ~]$
sudo ufw enable
Firewall is active and enabled on system startup
but after rebooting is the same
sudo systemctl status ufw
â ufw.service - CLI Netfilter Manager
Loaded: loaded (/usr/lib/systemd/system/ufw.service; enabled; preset: disabled)
Active: active (exited) since Thu 2024-04-18 08:00:48 EEST; 16min ago
Process: 358 ExecStart=/usr/lib/ufw/ufw-init start (code=exited, status=0/SUCCESS)
Main PID: 358 (code=exited, status=0/SUCCESS)
CPU: 114ms
Apr 18 08:00:44 endeavour systemd[1]: Starting CLI Netfilter ManagerâŚ
Apr 18 08:00:48 endeavour systemd[1]: Finished CLI Netfilter Manager.
I do :
sudo ufw default deny
Default incoming policy changed to âdenyâ
(be sure to update your rules accordingly)
but it dont works I see your site
this happens with ufw but itâs still me favorite.
you canât just do restart or enable and walk away.
you have to throw the kitchen sink at it.
systemctl enable
" start
" restart
" reload
look in --help there is probably more
ALSO IMPORTANT AND A VARIATION that @I0F said: sudo enable ufw
then check ufw status (see below)
try it all and keep checking sudo ufw status verbose until you see success. systemctl status tells you nothing. check it my way.
and NO I HAVE NEVER SEEN ANYONE EVER SAY YOU HAD TO DISABLE IPTABLES. EVER. DONâT DO IT.âludicrous idea
you got this.
It turns out that iptables and UFW do not work correctly and stable on endeavouros. All thatâs left is to try nftables
By policy sudo ufw default deny I have ip address 10.44.5.55 and see you/ UFW dont works
sudo ufw status
[sudo] password for pal:
Status: active
To Action From
Anywhere ALLOW 10.44.1.1
Anywhere ALLOW 10.44.7.77
PV4 (raw):
Chain INPUT (policy DROP 376 packets, 11932 bytes)
pkts bytes target prot opt in out source destination
62148 25409065 ufw-before-logging-input 0 â * * 0.0.0.0/0 0.0.0.0/0 >
62148 25409065 ufw-before-input 0 â * * 0.0.0.0/0 0.0.0.0/0
5989 578918 ufw-after-input 0 â * * 0.0.0.0/0 0.0.0.0/0
559 18128 ufw-after-logging-input 0 â * * 0.0.0.0/0 0.0.0.0/0 >
559 18128 ufw-reject-input 0 â * * 0.0.0.0/0 0.0.0.0/0
559 18128 ufw-track-input 0 â * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ufw-before-logging-forward 0 â * * 0.0.0.0/0 0.0.0.0/0 >
0 0 ufw-before-forward 0 â * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-after-forward 0 â * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-after-logging-forward 0 â * * 0.0.0.0/0 0.0.0.0/0 >
0 0 ufw-reject-forward 0 â * * 0.0.0.0/0 0.0.0.0/0
0 0 ufw-track-forward 0 â * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
44960 8282983 ufw-before-logging-output 0 â * * 0.0.0.0/0 0.0.0.0/0 >
44960 8282983 ufw-before-output 0 â * * 0.0.0.0/0 0.0.0.0/
Have you considered giving firewalld a try? In many ways, it is easier to use than ufw. For normal desktop usage, you donât even need to do anything except enable it. I think a lot of folks here are using firewalld and are not even aware it is on.
You need to make some changes if you want to set up a printer or you need something external to be able to establish a remotely-initiated connection to your computer. Other than that, just install it and turn it on.
You didnât enable the service for ufw.
systemctl enable ufw
that is why itâs not active on reboot.
1 Like
Right. Denying incoming connections wonât block your access to a website. Are you sure you are properly testing the rules?
Thank you, I installed Mint XFCE. There are no problems with UFW . I still donât understand why this system endeavour is at all if there are bugs at every step? Probably only for developersâŚBut I canât understand who put this system on line 3 in https://distrowatch.com ?
3 Likes
I guess one of the main reasons EndeavourOS is so popular is many users do not experience the same struggle to get things working that you have.
Also, I would take the listing from Distrowatch with a grain of salt considering MX Linux has been supposedly the #1 distro for years now. Nothing against MX Linux, I am sure it is great, but it doesnât seem very commonly used in the Linux community. The Distrowatch ranking system has some mysterious metrics in play.
Anyway, no hard feelings I hope. Good luck with your new Mint XFCE install, see you around. 
3 Likes
I consider EndeavourOS not being attractive to users like you a feature, not a bug. 
Enjoy using Mint, itâs a great OS, for sure.
4 Likes
I worked in Arch Linux, it is much more reliable than Endeavour,only there are certain applications installation difficulties that only an advanced user can overcome and on the Arch Linux forums they treat forks of their system with great disdain.Now I understand why
You simply made a mistake while installing, starting or configuring the service. Itâs as simple as that. EndeavourOS and vanilla Arch both provide you with the same circumstances for enabling ufw. There is literally no difference there.
And as someone running arch for years on my main machine and EndeavourOS a bit on the side, Arch Linux and EndeavourOS are both reliable and work pretty much the same way. You are just having a specific problem you yourself caused and now you are annoyed at the distro, while there really is no reason to.
2 Likes
Long live Linux Mint, the clone of the Debian clone! 
1 Like