You add a rule like this:
ufw allow 22/tcp
The rule is saved, and is applied even after reboot. But it's not written anywhere in /etc/ufw. Where is it saved to? (Ubuntu, using ufw as pre-installed.)
Asked
Active
Viewed 6.6k times
57
Steve Bennett
- 5,750
- 12
- 47
- 59
6 Answers
57
In my Ubuntu 11 server, the firewall rules are saved in /lib/ufw/user.rules
Daniel t.
- 9,291
- 1
- 33
- 36
-
2Bingo, thanks. There's also a user6.rules (which doesn't have all the rules I created, but otherwise looks similar). – Steve Bennett Feb 13 '13 at 08:20
-
2user6.rules is for IP version 6 (ipv6) firewall rules. – Daniel t. Feb 13 '13 at 14:41
-
1Still correct in Ubuntu 14, thank you. – Nick Triantafillou Aug 27 '15 at 01:24
-
8What a crazy location! I just spent 20 minutes looking for this :-( – reinierpost Dec 02 '15 at 16:48
-
I didn't, because I searched first on ServerFault :-) But I agree, it's anything but obvious... – Gwyneth Llewelyn Sep 29 '22 at 11:58
-
... also, these days, it's more common to find the active rules for _your_ system (as opposed to the original distro files) under `/etc/ufw` as [already answered here](https://serverfault.com/a/788489/133346) by @tivnet. – Gwyneth Llewelyn Sep 29 '22 at 12:10
33
Ubuntu 16.04 LTS
/etc/ufw/user.rules
Debian 9
/etc/ufw/user.rules
In general, try:
locate user.rules
Should output something like:
/etc/ufw/user.rules
/usr/share/ufw/user.rules
/usr/share/ufw/user.rules.md5sum
/usr/share/ufw/iptables/user.rules
interestedparty333
- 103
- 3
tivnet
- 435
- 4
- 6
-
2It's recommended to run `updatedb` at least once before using `locate`. – ccpizza Jan 15 '17 at 19:44
-
2@ccpizza On Ubuntu, at least, `updatedb` is run daily by `cron`. See `/etc/cron.daily/mlocate`. – Jivan Pal Jun 07 '20 at 17:07
-
Still valid for Ubuntu 22.04 and Debian 11 as of 2022. Insane! – Gwyneth Llewelyn Sep 29 '22 at 12:01
4
In my version, 8.04 LTS Server the files are stored in /var/lib/ufw as /var/lib/ufw/user.rules and /var/lib/ufw/user6.rules.
Michael Hampton
- 244,070
- 43
- 506
- 972
depravedone
- 41
- 1
3
This should work on all Linux systems assuming a ".rules" suffix and residing beneath a directory named "ufw":
sudo find / -name "*.rules" -exec ls -l {} \; | grep ufw
Using the "ls -l" shows that some of them are links to others, and which ones have been updated most recently (implying they are active?)
Andrew Schulman
- 8,811
- 21
- 32
- 47
Craig Hicks
- 677
- 1
- 5
- 13
-
1Assuming that Debian/Ubuntu have been consistently implementing their usual configuration for `ufw` as well, there is some logic implied: _original_ (raw from the distro) files should be under `/usr/share/ufw/`; locally changed/overridden files under `/etc/ufw`; dynamically changed rules (for some reason) ought to be under `/run` (I just have a lock file there). The exception to the usual configuration is `/lib/ufw` which should also have some rules in it, but just has a startup script for `ufw`. – Gwyneth Llewelyn Sep 29 '22 at 12:07
-
1The way `/etc` overrides what is on `/run` which overrides what is on `/lib` (which is usually a symlink to `/usr/share`) is pretty consistent among _most_ configurations in Debian & Ubuntu. – Gwyneth Llewelyn Sep 29 '22 at 12:08
0
As of September 2021, you can find all files and configuration of what is called the UFS Framework using man ufw-framework. It describes in detail where each file goes, what it does, and how the system works together to launch the ufw framework at boot time.
This is valid for at least Ubuntu 22.04 and Debian 11 (Debian has an older version of the man page installed by default, but saying essentially the same).
Gwyneth Llewelyn
- 312
- 2
- 8