UFW is active but not enabled why?

ubuntu firewall ufw

34,288

Solution 1

mateusz@debian:~$ sudo ufw disable
Firewall stopped and disabled on system startup

mateusz@debian:~$ sudo ufw status verbose
Status: inactive

mateusz@debian:~$ sudo ufw enable
ERROR: problem running ufw-init

Even if error occurs, you can check that ufw is running.

mateusz@debian:~$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW IN    Anywhere
22/tcp                     ALLOW IN    Anywhere

mateusz@debian:~$ sudo service ufw status
[ ok all is running...done.

You can easily set up manually ENABLED=yes in ufw config

sudo nano /etc/ufw/ufw.conf

which contains:

# /etc/ufw/ufw.conf
#

# Set to yes to start on boot. If setting this remotely, be sure to add a rule
# to allow your remote connection before starting ufw. Eg: 'ufw allow 22/tcp'
ENABLED=no

# Please use the 'ufw' command to set the loglevel. Eg: 'ufw logging medium'.
# See 'man ufw' for details.
LOGLEVEL=low

Solution 2

Setting ENABLED=yes in /etc/ufw/ufw.conf did it for me.

$ sudo ufw reload
Firewall not enabled (skipping reload)
$ sudo ufw logging on (showing that @Thomas' solution has no effect for me)
Logging enabled
$ sudo sed -ie 's/ENABLED=no/ENABLED=yes/' /etc/ufw/ufw.conf

Check to be sure that port 22 is enabled before you reload

$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere

Reload

$ sudo ufw reload
Firewall reloaded

34,288

Thomas

Updated on September 18, 2022

Comments

Thomas over 1 year

I was trying to setup a firewall in my Ubuntu 12.04 machine. After some struggling I got the following. Isn't this sounds a bit odd?

thomas@thomas-K40IJ:~$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip

To                         Action      From
--                         ------      ----
21/tcp                     ALLOW OUT   Anywhere
80                         ALLOW OUT   Anywhere
22                         ALLOW OUT   Anywhere
21/tcp                     ALLOW OUT   Anywhere (v6)
80                         ALLOW OUT   Anywhere (v6)
22                         ALLOW OUT   Anywhere (v6)

thomas@thomas-K40IJ:~$ sudo ufw reload
Firewall not enabled (skipping reload)
thomas@thomas-K40IJ:~$ sudo ufw enable 
ERROR: Could not load logging rules
thomas@thomas-K40IJ:~$

Also my firewall seems disabled after reboot. What am I missing?

Thomas about 11 years

Turning off the logging(sudo ufw logging off) solved the problem.

xtian about 3 years

I don't understand why this is the accepted answer. It doesn't address the logical contradiction of the two command's output--how can the firewall be both Status: active & Firewall not enabled at the same time. And further answers suggesting using gufw are equally unhelpful.
questionto42standswithUkraine almost 3 years

Upvote only for the nice shortcut on changing the /etc/ufw/ufw.conf with a code line :). Yet, at sudo ufw reload, I get the same errors again. That is because at reload, the change of the /etc/ufw/ufw.conf goes back to default ENABLED=no. The only solution up to now is to run sudo sed -ie 's/ENABLED=no/ENABLED=yes/' /etc/ufw/ufw.conf directly before running sudo ufw enable.
questionto42standswithUkraine almost 3 years

@xtian This answer has the solution only at the bottom using ENABLED=yes. If you then run sudo ufw enable, it will show you Firewall is active and enabled on system startup. The first three steps are of no use: I had the same status before the three steps and after the three steps (SAME_STATUS --> disable -- status -- enable --> SAME_STATUS).