I have installed firewalld and uninstalled ufw with the following commands:
sudo apt install firewall-applet
sudo systemctl start firewalld
sudo systemctl enable firewalld
It works but does not start on its own on restart.
$ sudo systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/lib/systemd/system/firewalld.service; enabled; vendor preset
Active: inactive (dead)
May 10 18:39:03 Yyyy systemd[1]: Stopped firewalld - dynamic firewall daemon. lines 1-5/5 (END)
My laptop is running Ubuntu 16.04 LTS.
The output of sudo systemctl status iptables.service:
● iptables.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)
Iptables is installed. The output of dpkg -s iptables
Package: iptables
Status: install ok installed
Priority: important
Section: net
Installed-Size: 1624
Maintainer: Ubuntu Developers <[email protected]>
Architecture: amd64
Version: 1.6.0-2ubuntu3
Depends: libxtables11 (= 1.6.0-2ubuntu3), libc6 (>= 2.14), libnfnetlink0
Description: administration tools for packet filtering and NAT
iptables is the userspace command line program used to configure
the Linux packet filtering ruleset. It is targeted towards system
administrators. Since Network Address Translation is also configured
from the packet filter ruleset, iptables is used for this, too. The
iptables package also includes ip6tables. ip6tables is used for
configuring the IPv6 packet filter
Homepage: http://www.netfilter.org/
Original-Maintainer: iptables devel team <[email protected]>
I tried sudo firewalld-cmd --runtime-to-parmanent but it does not help firewalld start at boot.
Thanks
A little poking around in the firewalld documentation turned up this page. It appears that you may need to set up a "permanent configuration", which will be loaded at every service stop/restart or machine boot.
firewall-cmd --runtime-to-permanentwill take your existing runtime configuration (once you have it set up correctly and working, of course) and migrate it to permanent.That's the only suggestion I can offer; hopefully it helps.
One way to start the firewall on the startup is to run it using cron using the
@rebootattribute:open up a terminal and type :
at the end of the file enter the command:
save the file and exit.
The above command will run the command once everytime computer boots up.
UPDATE
Method 2
If you have access to the GUI of ubuntu then open the dash by hitting the start button (windows key).
Type in
startup Applicationsand click on the startup applications icon.You will get as screen like so:
Click on the Add button and Add the command like so:
And click Add.
You are good to go.
I also hit same problem as OP on my newly installed Ubuntu 16.04.4.
I've checked the service file - /lib/systemd/system/firewalld.service It says firewalld conflict with iptables.service ip6tables.service ebtables.service ipset.service
Then I find ebtables.service is installed and enabled; After disabling and masking it by
firewalld can be started without any other script/trick after reboot, of coz it should be enabled.
So the root cause of my problem is - ebtables.service prevent firewalld.service from being started.
While I do not believe this is the original posters problem, many users ran into this issue due to a bug in ubuntu 19.04.
https://bugs.launchpad.net/ubuntu/+source/firewalld/+bug/1826187
If you need to fix this issue simply run the following commands.
It should output something like this.