Should ufw block access to localhost?

Colin Law clanlaw at gmail.com
Wed Mar 13 22:10:27 UTC 2019


I am setting up ufw on a server and have a symptom I don't understand.
I am running mosquitto with TLS on port 8883 on the server so in ufw I
have opened that port
sudo ufw allow 8883
and can then access port 8883 from another machine, as expected.  I
cannot access it if I do not open that port, again as expected.

However I also access mosquitto locally on the server using
localhost:8883 and the feature I do not understand is that if ufw is
enabled then I cannot access it via localhost whether the port is
opened or not.  If I *disable* ufw then I *can* access mosquitto via
localhost.

ufw status shows
$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To                         Action      From
--                         ------      ----
22                         ALLOW IN    Anywhere
80                         ALLOW IN    Anywhere
443                        ALLOW IN    Anywhere
8883                       ALLOW IN    Anywhere
22 (v6)                    ALLOW IN    Anywhere (v6)
80 (v6)                    ALLOW IN    Anywhere (v6)
443 (v6)                   ALLOW IN    Anywhere (v6)
8883 (v6)                  ALLOW IN    Anywhere (v6)

Can anyone explain what is going on?

Colin



