Rollback "ufw allow 22"

Since my SSH attempts were showing port 22: connection refused, I tried

sudo ufw allow 22

Even after that, I am not able to SSH. Now I don’t want to have port 22 as a vulnerability and want to set it back to the default condition. Which command should I use for that in 18.04? Thanks.

Will this work?

sudo ufw delete allow 22

I haven’t used ufw myself, but man ufw shows a reset command:

reset
Disables and resets firewall to installation defaults. Can also
give the --force option to perform the reset without confirmation.

1 Like

I found this further down, so it seems like your delete command should work:

To delete a rule, simply prefix the original rule with delete with or
without the rule comment.

Then you could run ufw status to check.

1 Like

The default default rule is to deny all incoming. So if you haven’t changed the default rule, then simply deleting the rule in question should close the port again.

Now all you have to do is the following:

ufw status numbered | grep "] 22"

Find the number within the [brackets] that is assigned to the 22 ALLOW IN and don’t forget it. Then:

ufw delete 123

replacing 123 with the number you remember from the previous command.

Repeat the process for the 22 (v6) ALLOW IN rule.

1 Like
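
The lookup-and-delete steps from the post above, as an added example that is not part of the original thread. It matches the port exactly (a plain grep for "] 22" would also hit 2222 or 220) and lists the rule numbers highest first, because ufw renumbers the remaining rules after each delete. The function names and the status listing are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `ufw status numbered` output (not from the thread).
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22                         ALLOW IN    Anywhere
[ 2] 2222/tcp                   ALLOW IN    Anywhere
[ 3] 80/tcp                     ALLOW IN    Anywhere
[ 4] 22 (v6)                    ALLOW IN    Anywhere (v6)
[ 5] 2222/tcp (v6)              ALLOW IN    Anywhere (v6)
[ 6] 80/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
}

# Hypothetical helper: read `ufw status numbered` on stdin and print the numbers
# of inbound ALLOW rules whose "To" column is exactly PORT or PORT/proto,
# highest number first.
ufw_rule_numbers() {
    # "[ 1] 22 ..." -> "1 22 ..." so awk sees whitespace-separated fields;
    # header lines have no [N] prefix and are dropped by -n ... p.
    sed -n 's/^\[ *\([0-9][0-9]*\)] */\1 /p' |
    awk -v port="$1" '
        {
            split($2, to, "/")              # "22/tcp" -> "22"
            if (to[1] != port) next         # rejects 2222, 220, ...
            i = ($3 == "(v6)") ? 4 : 3      # IPv6 rows carry an extra "(v6)" field
            if ($i == "ALLOW" && $(i + 1) != "OUT") print $1
        }' |
    sort -rn
}

# Hypothetical helper: print the delete commands to review and run, one per rule.
ufw_delete_commands() {
    ufw_rule_numbers "$1" | while read -r n; do
        echo "sudo ufw delete $n"
    done
}

# Dry run against the constructed sample; on a real host use:
#   sudo ufw status numbered | ufw_delete_commands 22
sample_status | ufw_delete_commands 22
```

Run the printed commands in the order given, then check `sudo ufw status` to confirm no port 22 rule remains.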

I thought of resetting the whole ufw to default. Then wondered how Firefox, other browsers and Transmission will work. If all incoming is blocked, how will these work?

I am not sure I understand this part :frowning:

As already explained there, your router already blocks all incoming traffic, if you did not fiddle around with the Port rules.
Only servers need open ports, that’s why all the websites you visit are on machines that have open ports. You only need outgoing ports for that, which the computer handles automatically for you, but you don’t need any open incoming ones for that.
Similar with Torrent, although you can have an open port which would help Torrent work better, you don’t need one.
You only need open ports if peers are directly connecting to you.

That said, sometimes your router automatically opens incoming ports for you, but that depends on the program requesting the open port, as well as the router’s capability and permissions to handle UPnP requests.

2 Likes