When you start Eddie, UFW is turned off.

[cwtokyo 0]

Hi all.

I am using Linux Mint 18.04.
UFW is turned off when Eddie (Version: 2.18.9) is started with UFW turned ON. After that, even if the UFW is turned on manually, it will be turned off unexpectedly.
When Eddie is turned off, this phenomenon does not occur.

Why does this issue occur?
Is there any way to solve this problem?

[BlueBanana 39]

As far as I understand, Eddie creates its own iptable ruleset. Upon activacting the Network Lock, iptables from UFW are being overwritten, so that the iptables from Eddie can kick in.

As soon as Eddie is closed and the Network Lock is disabled, UFW iptables are restored.

I think this is the expected behaviour.

Please correct me should i be wrong.

BB

 

[cwtokyo 0]

sudo ufw default deny
Sudo ufw enable

I want to block all ports. The ufw I set is above.
The above is invalid for Eddie. So by default AirVPN can't block ports?
Isn't that a problem? How do you deal with external attacks after installing Eddie?

[greerd 5]

Linux Firewall is accomplished by kernel-space Netfilter modules, iptables is a user-space app in linux mint that can talk to and setup the Netfilter modules, ufw (or Gufw) is an app that uncomplicates seting up rules in iptables. So when you setup rules in ufw, they are migrated to iptables, then to the kernel modules, you can view iptables from the command line with the command:

sudo iptables -S

 Like BlueBanna mentioned above, when eddie is run with network lock enabled eddie stores your original iptables (that you setup using ufw) and loads its own iptables that are preset to allow outgoing to all of airvpn servers and optionally you local lan or addresses that you've setup in eddie's config. All other ports are closed. (check using the command above) When you shutdown eddie nicely, your original iptables/ufw rules are reloaded BUT if you kill eddie or if it dies for some reason your original iptables/ufw rules won't get reloaded so you could be open to possible external attack.

Hope this helps.