Jump to content
Not connected, Your IP: 3.236.122.9
cwtokyo

When you start Eddie, UFW is turned off.

Recommended Posts

Hi all.

I am using Linux Mint 18.04.
UFW is turned off when Eddie (Version: 2.18.9) is started with UFW turned ON. After that, even if the UFW is turned on manually, it will be turned off unexpectedly.
When Eddie is turned off, this phenomenon does not occur.

Why does this issue occur?
Is there any way to solve this problem?

Share this post


Link to post

As far as I understand, Eddie creates its own iptable ruleset. Upon activacting the Network Lock, iptables from UFW are being overwritten, so that the iptables from Eddie can kick in.

As soon as Eddie is closed and the Network Lock is disabled, UFW iptables are restored.

I think this is the expected behaviour.

Please correct me should i be wrong.

BB

 


AMD Ryzen 3950X @ 105W PPL

Gigabyte X570 Aorus Elite

AMD RX 5700 XT

Corsair DDR4-3200 32GB

 

Share this post


Link to post
sudo ufw default deny
Sudo ufw enable
I want to block all ports. The ufw I set is above.
The above is invalid for Eddie. So by default AirVPN can't block ports?
Isn't that a problem? How do you deal with external attacks after installing Eddie?

Share this post


Link to post

Linux Firewall is accomplished by kernel-space Netfilter modules, iptables is a user-space app in linux mint that can talk to and setup the Netfilter modules, ufw (or Gufw) is an app that uncomplicates seting up rules in iptables. So when you setup rules in ufw, they are migrated to iptables, then to the kernel modules, you can view iptables from the command line with the command:

sudo iptables -S
 Like BlueBanna mentioned above, when eddie is run with network lock enabled eddie stores your original iptables (that you setup using ufw) and loads its own iptables that are preset to allow outgoing to all of airvpn servers and optionally you local lan or addresses that you've setup in eddie's config. All other ports are closed. (check using the command above) When you shutdown eddie nicely, your original iptables/ufw rules are reloaded BUT if you kill eddie or if it dies for some reason your original iptables/ufw rules won't get reloaded so you could be open to possible external attack.

Hope this helps.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...