The firewall does not work: it displays the status of active ports, but I cannot close or open the port. ufw runs with errors (I need to open port 700). I'm new to Linux, thanks.
```
root@client-shosting24:/# ufw enable
ERROR: problem running ufw-init
iptables-restore: line 4 failed
iptables-restore: line 4 failed
iptables-restore: line 80 failed
iptables-restore: line 48 failed
sysctl: permission denied on key 'net.ipv4.tcp_sack'

Problem running '/etc/ufw/before.rules'
Problem running '/lib/ufw/user.rules'

root@client-shosting24:/# ufw status
Status: active

To                         Action      From
--                         ------      ----
700                        ALLOW       Anywhere
80                         DENY        Anywhere
700/tcp                    ALLOW       Anywhere
22                         ALLOW       Anywhere
700/udp                    ALLOW       Anywhere
700                        ALLOW OUT   Anywhere
```

I enter the rule and nothing happens:
```
root@client-shosting24:/# sudo iptables -A INPUT -p tcp --dport 700 -j ACCEPT
```

Port tested with this service: http://speed-tester.info/check_port.php
sudo iptables-save
```
root@client-shosting24:/# sudo iptables-save
# Generated by iptables-save v1.4.21 on Thu Dec 1 16:57:25 2016
*raw
:PREROUTING ACCEPT [27655:1329553]
:OUTPUT ACCEPT [29810:19196582]
COMMIT
# Completed on Thu Dec 1 16:57:25 2016
# Generated by iptables-save v1.4.21 on Thu Dec 1 16:57:25 2016
*mangle
:PREROUTING ACCEPT [27655:1329553]
:INPUT ACCEPT [27655:1329553]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [29810:19196582]
:POSTROUTING ACCEPT [29810:19196582]
COMMIT
# Completed on Thu Dec 1 16:57:25 2016
# Generated by iptables-save v1.4.21 on Thu Dec 1 16:57:25 2016
*filter
:INPUT ACCEPT [10219:538275]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [10961:6001106]
:ufw-after-forward - [0:0]
:ufw-after-input - [0:0]
:ufw-after-logging-forward - [0:0]
:ufw-after-logging-input - [0:0]
:ufw-after-logging-output - [0:0]
:ufw-after-output - [0:0]
:ufw-before-forward - [0:0]
:ufw-before-input - [0:0]
:ufw-before-logging-forward - [0:0]
:ufw-before-logging-input - [0:0]
:ufw-before-logging-output - [0:0]
:ufw-before-output - [0:0]
:ufw-logging-allow - [0:0]
:ufw-logging-deny - [0:0]
:ufw-reject-forward - [0:0]
:ufw-reject-input - [0:0]
:ufw-reject-output - [0:0]
:ufw-skip-to-policy-forward - [0:0]
:ufw-skip-to-policy-input - [0:0]
:ufw-skip-to-policy-output - [0:0]
:ufw-track-forward - [0:0]
:ufw-track-input - [0:0]
:ufw-track-output - [0:0]
:ufw-user-forward - [0:0]
:ufw-user-input - [0:0]
:ufw-user-limit - [0:0]
:ufw-user-limit-accept - [0:0]
:ufw-user-logging-forward - [0:0]
:ufw-user-logging-input - [0:0]
:ufw-user-logging-output - [0:0]
:ufw-user-output - [0:0]
-A INPUT -j ufw-before-logging-input
-A INPUT -j ufw-before-input
-A INPUT -j ufw-after-input
-A INPUT -j ufw-after-logging-input
-A INPUT -j ufw-reject-input
-A INPUT -j ufw-track-input
-A INPUT -p tcp -m tcp --dport 700 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 700 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 700 -j ACCEPT
-A FORWARD -j ufw-before-logging-forward
-A FORWARD -j ufw-before-forward
-A FORWARD -j ufw-after-forward
-A FORWARD -j ufw-after-logging-forward
-A FORWARD -j ufw-reject-forward
-A FORWARD -j ufw-track-forward
-A OUTPUT -j ufw-before-logging-output
-A OUTPUT -j ufw-before-output
-A OUTPUT -j ufw-after-output
-A OUTPUT -j ufw-after-logging-output
-A OUTPUT -j ufw-reject-output
-A OUTPUT -j ufw-track-output
-A ufw-after-input -p udp -m udp --dport 137 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp -m udp --dport 138 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp -m tcp --dport 139 -j ufw-skip-to-policy-input
-A ufw-after-input -p tcp -m tcp --dport 445 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp -m udp --dport 67 -j ufw-skip-to-policy-input
-A ufw-after-input -p udp -m udp --dport 68 -j ufw-skip-to-policy-input
-A ufw-after-logging-forward -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
-A ufw-before-forward -j ufw-user-forward
-A ufw-before-input -j ufw-user-input
-A ufw-before-output -j ufw-user-output
-A ufw-skip-to-policy-forward -j DROP
-A ufw-skip-to-policy-input -j ACCEPT
-A ufw-skip-to-policy-output -j ACCEPT
COMMIT
# Completed on Thu Dec 1 16:57:25 2016
```