Skip to content

3.5.2.2 Ensure ufw is uninstalled or disabled with nftables

Audit#

Run the following commands to verify that ufw is either not installed or inactive. Only one of the following needs to pass.

Run the following command to verify that ufw is not installed: 

# dpkg-query -s ufw | grep 'Status: install ok installed'
package 'ufw' is not installed and no information is available

Run the following command to verify ufw is disabled: 

# ufw status
Status: inactive

Remediation#

Run one of the following commands to either remove ufw or disable ufw

Run the following command to remove ufw: 

# apt purge ufw

Run the following command to disable ufw: 

# ufw disable