UFW with Kernel 4.9.40 doesn't work

Frank · July 5, 2019, 2:35am

Hi @Gytis , I try it with VIM1. If you enable UFW failure. you maybe need to do something to setup it.
This is my step . I hope it can help you.

Frist I install ufw in my VIM1. Then I run command ufw status & ufw enable.

root@Khadas:~# ufw enable
ERROR: problem running ufw-init
iptables-restore: line 11 failed
ip6tables-restore: line 138 failed

Problem running '/etc/ufw/user.rules'
Problem running '/etc/ufw/before6.rules'

root@Khadas:~# ufw status
Status: active

It look nothing that you should setup it.

setup with default

root@Khadas:~# ufw disable

Firewall stopped and disabled on system startup

root@Khadas:~# ufw default deny incoming

Default incoming policy changed to 'deny'

(be sure to update your rules accordingly)

root@Khadas:~# ufw default allow outgoing

Default outgoing policy changed to 'allow'

(be sure to update your rules accordingly)

root@Khadas:~# ufw default deny outgoing

Default outgoing policy changed to 'deny'

(be sure to update your rules accordingly)

allow Connections

root@Khadas:~# ufw allow ssh
Skipping adding existing rule
Skipping adding existing rule (v6)
root@Khadas:~# ufw allow 22
Skipping adding existing rule
Skipping adding existing rule (v6)
root@Khadas:~# ufw allow 22/tcp
Skipping adding existing rule
Skipping adding existing rule (v6)
root@Khadas:~# ufw status
Status: inactive
root@Khadas:~# ufw enable
ERROR: problem running ufw-init
iptables-restore: line 35 failed
ip6tables-restore: line 138 failed
ip6tables-restore: line 35 failed

Problem running '/etc/ufw/user.rules'
Problem running '/etc/ufw/before6.rules'
Problem running '/etc/ufw/user6.rules'

root@Khadas:~# ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
22                         ALLOW       Anywhere                  
22/tcp (v6)                ALLOW       Anywhere (v6)             
22 (v6)                    ALLOW       Anywhere (v6)             

root@Khadas:~#

you can see the error still exists,but it just about user config. If you want to solve it ,you can modify the rules file.

Then I reboot it.

root@Khadas:~# ufw status
Status: inactive
root@Khadas:~# ufw enable
ERROR: problem running ufw-init
iptables-restore: line 35 failed
ip6tables-restore: line 138 failed
ip6tables-restore: line 35 failed

Problem running '/etc/ufw/user.rules'
Problem running '/etc/ufw/before6.rules'
Problem running '/etc/ufw/user6.rules'

root@Khadas:~# ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
22                         ALLOW       Anywhere                  
22/tcp (v6)                ALLOW       Anywhere (v6)             
22 (v6)                    ALLOW       Anywhere (v6)

You can see that it can run after reboot.