Where does UFW (uncomplicated firewall) save command-line rules to?

Question

You add a rule like this:

ufw allow 22/tcp

The rule is saved, and is applied even after reboot. But it's not written anywhere in /etc/ufw. Where is it saved to? (Ubuntu, using ufw as pre-installed.)

score 59 · Accepted Answer · answered Feb 12 '13 at 21:11

59

In my Ubuntu 11 server, the firewall rules are saved in /lib/ufw/user.rules

answered Feb 12 '13 at 21:11

Daniel t.

9,424

2

Bingo, thanks. There's also a user6.rules (which doesn't have all the rules I created, but otherwise looks similar). – Steve Bennett Feb 13 '13 at 08:20
3

user6.rules is for IP version 6 (ipv6) firewall rules. – Daniel t. Feb 13 '13 at 14:41
1

Still correct in Ubuntu 14, thank you. – Nick Triantafillou Aug 27 '15 at 01:24
8

What a crazy location! I just spent 20 minutes looking for this :-( – reinierpost Dec 02 '15 at 16:48
I didn't, because I searched first on ServerFault :-) But I agree, it's anything but obvious... – Gwyneth Llewelyn Sep 29 '22 at 11:58
... also, these days, it's more common to find the active rules for your system (as opposed to the original distro files) under /etc/ufw as already answered here by @tivnet. – Gwyneth Llewelyn Sep 29 '22 at 12:10

score 35 · Answer 2 · edited Dec 03 '19 at 12:32

35

Ubuntu 16.04 LTS

/etc/ufw/user.rules

Debian 9

/etc/ufw/user.rules

In general, try:

locate user.rules

Should output something like:

/etc/ufw/user.rules
/usr/share/ufw/user.rules
/usr/share/ufw/user.rules.md5sum
/usr/share/ufw/iptables/user.rules

edited Dec 03 '19 at 12:32

interestedparty333

103

answered Jul 07 '16 at 13:25

tivnet

455
4
6

2

It's recommended to run updatedb at least once before using locate. – ccpizza Jan 15 '17 at 19:44
2

@ccpizza On Ubuntu, at least, updatedb is run daily by cron. See /etc/cron.daily/mlocate. – Jivan Pal Jun 07 '20 at 17:07
Still valid for Ubuntu 22.04 and Debian 11 as of 2022. Insane! – Gwyneth Llewelyn Sep 29 '22 at 12:01

score 12 · Answer 3 · answered Feb 05 '13 at 04:09

12

I believe it's under lib/ufw/rules[6].rules

answered Feb 05 '13 at 04:09

golja

1,631
10
14

score 4 · Answer 4 · edited Dec 11 '13 at 02:17

4

In my version, 8.04 LTS Server the files are stored in /var/lib/ufw as /var/lib/ufw/user.rules and /var/lib/ufw/user6.rules.

edited Dec 11 '13 at 02:17

Michael Hampton

247,473

answered Dec 10 '13 at 22:29

depravedone

41

score 3 · Answer 5 · edited Feb 26 '18 at 17:42

3

This should work on all Linux systems assuming a ".rules" suffix and residing beneath a directory named "ufw":

sudo find / -name "*.rules" -exec ls -l {} \; | grep ufw

Using the "ls -l" shows that some of them are links to others, and which ones have been updated most recently (implying they are active?)

edited Feb 26 '18 at 17:42

Andrew Schulman

8,916

answered Feb 26 '18 at 14:15

Craig Hicks

727

1

Assuming that Debian/Ubuntu have been consistently implementing their usual configuration for ufw as well, there is some logic implied: original (raw from the distro) files should be under /usr/share/ufw/; locally changed/overridden files under /etc/ufw; dynamically changed rules (for some reason) ought to be under /run (I just have a lock file there). The exception to the usual configuration is /lib/ufw which should also have some rules in it, but just has a startup script for ufw. – Gwyneth Llewelyn Sep 29 '22 at 12:07
1

The way /etc overrides what is on /run which overrides what is on /lib (which is usually a symlink to /usr/share) is pretty consistent among most configurations in Debian & Ubuntu. – Gwyneth Llewelyn Sep 29 '22 at 12:08

score 1 · Answer 6 · answered Feb 27 '24 at 17:48

1

On Ubuntu 16 and up user firewall rules are stored in /etc/ufw/user.rules and /etc/ufw/user6.rules. Overall all UFW rules and configs located in /etc/ufw

answered Feb 27 '24 at 17:48

Aleksei Semidotskii

111

score 0 · Answer 7 · answered Sep 29 '22 at 12:20

As of September 2021, you can find all files and configuration of what is called the UFS Framework using man ufw-framework. It describes in detail where each file goes, what it does, and how the system works together to launch the ufw framework at boot time.

This is valid for at least Ubuntu 22.04 and Debian 11 (Debian has an older version of the man page installed by default, but saying essentially the same).

Where does UFW (uncomplicated firewall) save command-line rules to?

7 Answers7