4.4.1.3 Ensure ufw is not in use with iptables

Audit

Run the following commands to verify that ufw is either not installed or disabled. Only one of the following needs to pass.

Run the following command to verify that ufw is not installed:

# dpkg-query -s ufw &>/dev/null && echo "ufw is installed"
Nothing should be returned.

- OR - Run the following command to verify ufw is disabled:

# ufw status
Status: inactive

Run the following command to verify that ufw.service is not enabled:

# systemctl is-enabled ufw 2>/dev/null | grep '^enabled'
Nothing should be returned.

Run the following command to verify ufw.service is not active:

# systemctl is-active ufw.service 2>/dev/null | grep '^active'
Nothing should be returned.
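
The audit steps above can be combined into a single pass/fail check. The script below is an added example, not part of the benchmark text; the function names ufw_verdict and ufw_audit_live and the --live switch are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not benchmark text). Function names and --live are illustrative.

# ufw_verdict INSTALLED STATUS ENABLED ACTIVE
#   INSTALLED  "yes" or "no"  (result of dpkg-query -s ufw)
#   STATUS     first line of `ufw status`
#   ENABLED    output of `systemctl is-enabled ufw`
#   ACTIVE     output of `systemctl is-active ufw.service`
# Prints PASS or FAIL with reasons; returns 0 on PASS, 1 on FAIL.
ufw_verdict() {
    installed=$1 status=$2 enabled=$3 active=$4
    # Branch 1 of the audit: the package is absent, nothing else to check.
    if [ "$installed" = "no" ]; then
        echo "PASS: ufw is not installed"
        return 0
    fi
    # Branch 2: installed, so all three "disabled" checks must hold.
    reasons=""
    [ "$status" = "Status: inactive" ] || reasons="$reasons ufw-status='$status';"
    case $enabled in enabled*) reasons="$reasons ufw.service-enabled;" ;; esac
    case $active in active*) reasons="$reasons ufw.service-active;" ;; esac
    if [ -z "$reasons" ]; then
        echo "PASS: ufw is installed but disabled"
        return 0
    fi
    echo "FAIL:$reasons"
    return 1
}

# Collects the live state with the same commands as the audit steps.
# `ufw status` needs root; any output other than "Status: inactive"
# (including a permission error) is treated as a failure.
ufw_audit_live() {
    if ! dpkg-query -s ufw >/dev/null 2>&1; then
        ufw_verdict no "" "" ""
        return
    fi
    status=$(ufw status 2>&1 | head -n 1)
    enabled=$(systemctl is-enabled ufw 2>/dev/null || true)
    active=$(systemctl is-active ufw.service 2>/dev/null || true)
    ufw_verdict yes "$status" "$enabled" "$active"
}

# Query the running system only when asked to: sh ufw_audit.sh --live
[ "${1:-}" != "--live" ] || ufw_audit_live
```

Run it as root with --live; the exit status is 0 when the control passes and 1 otherwise, so it can be used directly in a compliance job.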

Remediation

Run the following command to remove ufw:

# apt purge ufw

- OR - Run the following commands to disable ufw, and stop and mask ufw.service:

# ufw disable
# systemctl stop ufw.service
# systemctl mask ufw.service
Note: ufw disable needs to be run before systemctl mask ufw.service in order to correctly disable UFW.