Clarify UFW documentation #9344
Conversation
ufw -h explains commands like: enable enables the firewall disable disables the firewall reload reload firewall reset reset firewall The claim that "enabled" reloads anything is incorrect. Rules aren't reloaded. `ufw status` will show them, but iptables aren't updated. The part about "enabled"/"disabled" working "on boot" is incorrect either. Change is immediate and permanent.
ansibullbot
added
docs
docs_only
module
felixfontein
added
check-before-release
There was a problem hiding this comment.
Thanks for your contribution!
The current descriptions match what ufw's man page is saying about the commands, check for example https://manpages.org/ufw/8 (or in raw form, https://git.launchpad.net/ufw/tree/doc/ufw.8):
enable
reloads firewall and enables firewall on boot.disable
unloads firewall and disables firewall on bootreset
Disables and resets firewall to installation defaults. Can also give the --force option to perform the reset without confirmation.
If you think that ufw doesn't do what it documents, please file a bug against ufw so they fix their documentation. Once they do that, we can also update our descriptions.
ansibullbot
added
the
needs_revision
|
hi @ubombi are you still going to pursue some change here? If not, could you please close the PR, or let us know and we'll be happy to do it. |
|
Sure. |
felixfontein
removed
the
check-before-release
SUMMARY
Clarification of potentially misleading documentation.
ISSUE TYPE
COMPONENT NAME
community.general.ufw
ADDITIONAL INFORMATION
It may be a weird use-case, but:
/etc/ufw/user.rulesstate: enabledstate: reloadedufw -hexplains commands like:state: enabledorufw -f enabledoes not reload firewall. New rules are visible inufw status, but the iptables aren't updated.And the part about "enabled"/"disabled" working on boot is incorrect either because the change is immediate. Like
systemctl enable --now