UFW rule only applies after reboot [closed]

0 投票
最新提问 用户: (340 分)

I am executing the following rule:

sudo ufw deny from to any

( is my ip address)

The rule does not take effect until I reboot the computer. The proof is that I can still execute ssh commands. How can I force my firewall to apply the changes right away?.

Reason why I am asking this question is because I often have to block some ip addresses and they do not get blocked until I reboot my computer or until those connections are closed. I do not want to reboot my Linux computer every time I want to block an ip. I have a PBX system and for some reason I get random attacks that look like this Asterisk PBX detect if someone enters an incorrect password . Now I know what IP address to block I just cant block them right away. If I reboot the computer the attack stops. I think it is the same reason why after blocking my IP sudo ufw deny from to any I am still able to execute ssh commands.


Here is the proof maybe with this image I am able to explain things better:

enter image description here

1) I ran ufw status and I see that the ip address is blocked

2) Then I log in to my pbx system by running the command asterisk -rvvv. When running that, asterisk will tell me all error messages, warnings etc... At the bottom you can see that I got a phone call from the ip address How can I get a phone call from that ip address if I have blocked that ip address on my firewall !? Note this works with TCP but it does not work with UDP. In other words adding the ufw rule successfully blocks tcp connections but not udp

I get lots of requests that I will like to block. This is how my log looks like:enter image description here I do not understand why I get requests from an ip address that I have blocked. If I reboot my computer I will stop receiving those requests. So my solution as of right now is to reboot the computer.

发表于 用户: (340 分)
Solution is in here! serverfault.com/a/835951/387296

登录 或者 注册 后回答这个问题。

欢迎来到 Security Q&A ,有什么不懂的可以尽管在这里提问,你将会收到社区其他成员的回答。