UFW dont works

sudo systemctl enable --now ufw.service
[pal@endeavour ~]$ sudo systemctl status ufw
ufw.service - CLI Netfilter Manager
Loaded: loaded (/usr/lib/systemd/system/ufw.service; enabled; preset: disabled)
Active: active (exited) since Wed 2024-04-17 17:20:17 EEST; 10min ago
Main PID: 335 (code=exited, status=0/SUCCESS)
CPU: 111ms

We ship with firewalld. Did you uninstall that?

Also, should check the status of ufw via the the ufw command.

Also you need to start ufw with

ufw enable


The instructions say that you need to disable iptables. I did it

sudo systemctl status firewalld
[sudo] password for pal:
Unit firewalld.service could not be found.
[pal@endeavour ~]$

sudo ufw enable
Firewall is active and enabled on system startup
but after rebooting is the same
sudo systemctl status ufw
● ufw.service - CLI Netfilter Manager
Loaded: loaded (/usr/lib/systemd/system/ufw.service; enabled; preset: disabled)
Active: active (exited) since Thu 2024-04-18 08:00:48 EEST; 16min ago
Process: 358 ExecStart=/usr/lib/ufw/ufw-init start (code=exited, status=0/SUCCESS)
Main PID: 358 (code=exited, status=0/SUCCESS)
CPU: 114ms

Apr 18 08:00:44 endeavour systemd[1]: Starting CLI Netfilter Manager…
Apr 18 08:00:48 endeavour systemd[1]: Finished CLI Netfilter Manager.

I do :
sudo ufw default deny
Default incoming policy changed to ‘deny’
(be sure to update your rules accordingly)

but it dont works I see your site

this happens with ufw but it’s still me favorite.

you can’t just do restart or enable and walk away.

you have to throw the kitchen sink at it.
systemctl enable
" start
" restart
" reload
look in --help there is probably more

ALSO IMPORTANT AND A VARIATION that @I0F said: sudo enable ufw
then check ufw status (see below)

try it all and keep checking sudo ufw status verbose until you see success. systemctl status tells you nothing. check it my way.


you got this.

I use https://wiki.archlinux.org/title/Uncomplicated_Firewall

It turns out that iptables and UFW do not work correctly and stable on endeavouros. All that’s left is to try nftables

By policy sudo ufw default deny I have ip address and see you/ UFW dont works
sudo ufw status
[sudo] password for pal:
Status: active

To Action From

Anywhere ALLOW
Anywhere ALLOW

PV4 (raw):
Chain INPUT (policy DROP 376 packets, 11932 bytes)
pkts bytes target prot opt in out source destination
62148 25409065 ufw-before-logging-input 0 – * * >
62148 25409065 ufw-before-input 0 – * *
5989 578918 ufw-after-input 0 – * *
559 18128 ufw-after-logging-input 0 – * * >
559 18128 ufw-reject-input 0 – * *
559 18128 ufw-track-input 0 – * *

Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ufw-before-logging-forward 0 – * * >
0 0 ufw-before-forward 0 – * *
0 0 ufw-after-forward 0 – * *
0 0 ufw-after-logging-forward 0 – * * >
0 0 ufw-reject-forward 0 – * *
0 0 ufw-track-forward 0 – * *

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
44960 8282983 ufw-before-logging-output 0 – * * >
44960 8282983 ufw-before-output 0 – * *

Have you considered giving firewalld a try? In many ways, it is easier to use than ufw. For normal desktop usage, you don’t even need to do anything except enable it. I think a lot of folks here are using firewalld and are not even aware it is on.

You need to make some changes if you want to set up a printer or you need something external to be able to establish a remotely-initiated connection to your computer. Other than that, just install it and turn it on.


You didn’t enable the service for ufw.
systemctl enable ufw
that is why it’s not active on reboot.

1 Like

Right. Denying incoming connections won’t block your access to a website. Are you sure you are properly testing the rules?

Thank you, I installed Mint XFCE. There are no problems with UFW . I still don’t understand why this system endeavour is at all if there are bugs at every step? Probably only for developers…But I can’t understand who put this system on line 3 in https://distrowatch.com ?


I guess one of the main reasons EndeavourOS is so popular is many users do not experience the same struggle to get things working that you have.

Also, I would take the listing from Distrowatch with a grain of salt considering MX Linux has been supposedly the #1 distro for years now. Nothing against MX Linux, I am sure it is great, but it doesn’t seem very commonly used in the Linux community. The Distrowatch ranking system has some mysterious metrics in play.

Anyway, no hard feelings I hope. Good luck with your new Mint XFCE install, see you around. :wave:


I consider EndeavourOS not being attractive to users like you a feature, not a bug. :frog:

Enjoy using Mint, it’s a great OS, for sure.


I worked in Arch Linux, it is much more reliable than Endeavour,only there are certain applications installation difficulties that only an advanced user can overcome and on the Arch Linux forums they treat forks of their system with great disdain.Now I understand why

You simply made a mistake while installing, starting or configuring the service. It’s as simple as that. EndeavourOS and vanilla Arch both provide you with the same circumstances for enabling ufw. There is literally no difference there.

And as someone running arch for years on my main machine and EndeavourOS a bit on the side, Arch Linux and EndeavourOS are both reliable and work pretty much the same way. You are just having a specific problem you yourself caused and now you are annoyed at the distro, while there really is no reason to.


Long live Linux Mint, the clone of the Debian clone! :laughing:

1 Like

To be fair, it has a Debian Edition, which is nice.