ufw

Comment 13 for bug 916961

rob cain (rcain-3) wrote :

Hi chaps,

I know this thread is rather old, and that it is indeed 'wish-list' rather than 'bug', but I too would like to add my support to the request for 'import/export' feature for UFW rules.

Reasons: firewall is one of those things users need to add to/remove from on a regular basis, and the chances of screwing up at some point or other become significant. Under such circumstance, the ability to 'restore' (import) from a previous backup (export) becomes paramount.

In addition, I am currently writing a bash script to maintain UFW via a flat file containing simple list of IP's collected from logs & online blacklists; too simplify admin of this process, I need to clear down all previous UFW chain beforehand, and once again, the chances of screwing something up can become significant, hence the need to produce a UFW backup prior to my batch run.

I am aware of ufw-framework - far too complicated/abstruse IMO for this simple task. Am also aware of fail2ban & the like, which I use for slightly different purpose.

ufw export/import would really simplify things. (Alternatively, if you could provide me with precise command line/bash commands to run in order to effect same from within my bash file).

Thanks for an (otherwise) great little utility.

Rob Cain