2

Linux Endeavouros.

I don't understand how to tell if my firewall is on or not.

Using systemctl status ufw gives:

ufw.service - CLI Netfilter Manager Loaded: loaded (/usr/lib/systemd/system/ufw.service; enabled; preset: disabled) Active: active (exited) since Mon 2025-11-24 21:24:29 GMT; 57min ago Invocation: 68b2d8efd45b45a58042098855d80d80 Main PID: 504 (code=exited, status=0/SUCCESS) Mem peak: 3.8M CPU: 87ms Nov 24 21:24:28 paulb-vostro470 systemd[1]: Starting CLI Netfilter Manager... Nov 24 21:24:29 paulb-vostro470 systemd[1]: Finished CLI Netfilter Manager.

But running - sudo ufw status gives Status: inactive, which contradicts what systemctl seems to say.

I'm probably not understanding the info correctly, but I'm worried that I may not have been using a firewall all the time I've been online.

Improve this question
1
  • firewalld is installed by default. Did you disable/remove that first? What does sudo firewall-cmd --list-all return? Commented 2 days ago

1 Answer 1

Reset to default
0

Examine the file /var/log/syslog

For example, grep UFW /var/log/syslog should find lines like:

{Date Time} {HostName} kernel: [UFW BLOCK] IN={EthernetDevice} OUT= MAC= SRC={YourIP} DST={TheirIP} {other stuff}

Items in {} are placeholders. You should see data, some of which might be meaningful.

Similar messages may be logged to /var/log/ufw.log, or displayed with:

journalctl |grep -i ufw

(For Arch Linux, ufw logs are discussed here.)

Improve this answer
1
  • 1
    does UFW on a modern Linux Endeavour use /var/log/syslog? Commented yesterday

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.