How to configure UFW to allow IP Forwarding? The Next CEO of Stack OverflowUFW setup for OpenVPN serverHow to open ports for outside traffic?Why is ufw logging 'BLOCK' messages regarding a port for which ufw is configured to 'ALLOW' connections?Why is ip forwarding not working in xubuntu 14?Configure UFW to allow only established and related conections (on IPv4)Port forwarding with UFWIP forwarding over OpenVPN (tun0) with external forwarded portsApache2 Server over IPv6 using TeredoHow can I forward all incoming traffic from the local network to a VPN tunnel?ufw firewall deny outgoing but allow browserCannot use rsync: I get “connection refused” even when port 22 is open

Why can't we say "I have been having a dog"?

Is a linearly independent set whose span is dense a Schauder basis?

MT "will strike" & LXX "will watch carefully" (Gen 3:15)?

Find the majority element, which appears more than half the time

Oldie but Goldie

Prodigo = pro + ago?

Small nick on power cord from an electric alarm clock, and copper wiring exposed but intact

How badly should I try to prevent a user from XSSing themselves?

Compensation for working overtime on Saturdays

pgfplots: How to draw a tangent graph below two others?

Are British MPs missing the point, with these 'Indicative Votes'?

Do I need to write [sic] when including a quotation with a number less than 10 that isn't written out?

How do I secure a TV wall mount?

Does int main() need a declaration on C++?

What is a typical Mizrachi Seder like?

Incomplete cube

Is it okay to majorly distort historical facts while writing a fiction story?

What difference does it make matching a word with/without a trailing whitespace?

Can a PhD from a non-TU9 German university become a professor in a TU9 university?

What is the difference between 'contrib' and 'non-free' packages repositories?

How to find if SQL server backup is encrypted with TDE without restoring the backup

How to coordinate airplane tickets?

Would a grinding machine be a simple and workable propulsion system for an interplanetary spacecraft?

Traveling with my 5 year old daughter (as the father) without the mother from Germany to Mexico



How to configure UFW to allow IP Forwarding?



The Next CEO of Stack OverflowUFW setup for OpenVPN serverHow to open ports for outside traffic?Why is ufw logging 'BLOCK' messages regarding a port for which ufw is configured to 'ALLOW' connections?Why is ip forwarding not working in xubuntu 14?Configure UFW to allow only established and related conections (on IPv4)Port forwarding with UFWIP forwarding over OpenVPN (tun0) with external forwarded portsApache2 Server over IPv6 using TeredoHow can I forward all incoming traffic from the local network to a VPN tunnel?ufw firewall deny outgoing but allow browserCannot use rsync: I get “connection refused” even when port 22 is open










15















I have UFW, OpenVPN and Virtualbox installed on my home server. I have a host-only network for my virtual machine guests (vboxnet0) set up with the IP range 10.0.1.0, and another IP range of 10.0.0.0 configured on the other end of the OpenVPN connection.



IP Forwarding is configured on the host, so when UFW is disabled they can talk to each other without any issues. However, I'd like to run UFW as this host will be web-accessible and I'd like some access control.



How can I configure UFW to allow this sort of traffic?



I've tried various combinations of: ufw allow allow in|out on vboxnet0|tun0 with no success.



My UFW rules are:



root@gimli:~# ufw status
Status: active

To Action From
-- ------ ----
22 ALLOW Anywhere
Anywhere ALLOW 10.0.0.0/16
Anywhere on vboxnet0 ALLOW Anywhere
Anywhere on tun0 ALLOW Anywhere

Anywhere ALLOW OUT Anywhere on vboxnet0
Anywhere ALLOW OUT Anywhere on tun0


Any help would be greatly appreciated.










share|improve this question


























    15















    I have UFW, OpenVPN and Virtualbox installed on my home server. I have a host-only network for my virtual machine guests (vboxnet0) set up with the IP range 10.0.1.0, and another IP range of 10.0.0.0 configured on the other end of the OpenVPN connection.



    IP Forwarding is configured on the host, so when UFW is disabled they can talk to each other without any issues. However, I'd like to run UFW as this host will be web-accessible and I'd like some access control.



    How can I configure UFW to allow this sort of traffic?



    I've tried various combinations of: ufw allow allow in|out on vboxnet0|tun0 with no success.



    My UFW rules are:



    root@gimli:~# ufw status
    Status: active

    To Action From
    -- ------ ----
    22 ALLOW Anywhere
    Anywhere ALLOW 10.0.0.0/16
    Anywhere on vboxnet0 ALLOW Anywhere
    Anywhere on tun0 ALLOW Anywhere

    Anywhere ALLOW OUT Anywhere on vboxnet0
    Anywhere ALLOW OUT Anywhere on tun0


    Any help would be greatly appreciated.










    share|improve this question
























      15












      15








      15


      3






      I have UFW, OpenVPN and Virtualbox installed on my home server. I have a host-only network for my virtual machine guests (vboxnet0) set up with the IP range 10.0.1.0, and another IP range of 10.0.0.0 configured on the other end of the OpenVPN connection.



      IP Forwarding is configured on the host, so when UFW is disabled they can talk to each other without any issues. However, I'd like to run UFW as this host will be web-accessible and I'd like some access control.



      How can I configure UFW to allow this sort of traffic?



      I've tried various combinations of: ufw allow allow in|out on vboxnet0|tun0 with no success.



      My UFW rules are:



      root@gimli:~# ufw status
      Status: active

      To Action From
      -- ------ ----
      22 ALLOW Anywhere
      Anywhere ALLOW 10.0.0.0/16
      Anywhere on vboxnet0 ALLOW Anywhere
      Anywhere on tun0 ALLOW Anywhere

      Anywhere ALLOW OUT Anywhere on vboxnet0
      Anywhere ALLOW OUT Anywhere on tun0


      Any help would be greatly appreciated.










      share|improve this question














      I have UFW, OpenVPN and Virtualbox installed on my home server. I have a host-only network for my virtual machine guests (vboxnet0) set up with the IP range 10.0.1.0, and another IP range of 10.0.0.0 configured on the other end of the OpenVPN connection.



      IP Forwarding is configured on the host, so when UFW is disabled they can talk to each other without any issues. However, I'd like to run UFW as this host will be web-accessible and I'd like some access control.



      How can I configure UFW to allow this sort of traffic?



      I've tried various combinations of: ufw allow allow in|out on vboxnet0|tun0 with no success.



      My UFW rules are:



      root@gimli:~# ufw status
      Status: active

      To Action From
      -- ------ ----
      22 ALLOW Anywhere
      Anywhere ALLOW 10.0.0.0/16
      Anywhere on vboxnet0 ALLOW Anywhere
      Anywhere on tun0 ALLOW Anywhere

      Anywhere ALLOW OUT Anywhere on vboxnet0
      Anywhere ALLOW OUT Anywhere on tun0


      Any help would be greatly appreciated.







      firewall iptables ufw ip-forward






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Jul 8 '12 at 23:51









      Stephen RCStephen RC

      2,34162944




      2,34162944




















          4 Answers
          4






          active

          oldest

          votes


















          17














          I figured it out.



          Edit /etc/default/ufw and set DEFAULT_FORWARD_POLICY to ACCEPT:



          DEFAULT_FORWARD_POLICY="ACCEPT"





          share|improve this answer


















          • 9





            Is there any way of allowing only it to forward specific ports, not setting it to ACCEPT everything?

            – Marcus Downing
            Jul 24 '13 at 15:11











          • I guess you need to restart ufw after editing the file: service ufw restart

            – Minh Danh
            Aug 13 '17 at 7:51


















          6














          if you set the DEFAULT_FORWARD_POLICY to ACCEPT in /etc/default/ufw the firewall will forward all packets regardless of the settings of the user interface.



          I think the user interface is only meant for simple in/out filtering. For forwarding you need to add iptables rules in /etc/ufw/before.rules like here:



          -A ufw-before-forward -i eth1 -p tcp -d 192.168.1.11 --dport 22 -j ACCEPT


          You probably already have a rule that lets connections from inside out and another that lets packets from related and established tcp sessions back in.



          I'm no iptables specialist, it took me a very long time to figure this out (with ip6tables, but it should be similar). Maybe this is not all it takes in your case.



          Best greetings






          share|improve this answer






























            2














            This ufw command worked for me nicely:

            sudo ufw default allow FORWARD



            To be sure the change is applied: sudo service ufw restart






            share|improve this answer























            • This gives an "Invalid syntax" error. Docs say "DIRECTION is one of incoming, outgoing or routed".

              – ColinM
              Jun 6 '18 at 15:50











            • @ColinM this worked for me on Xubuntu 16.04.5 LTS

              – baptx
              Aug 7 '18 at 10:37











            • FORWARD works like alias for routed on Ubuntu

              – patricktokeeffe
              Feb 7 at 21:56


















            0














            It's now possible - from ufw man page:




            Rules for traffic not destined for the host itself but instead for traffic that should be routed/forwarded through the
            firewall should specify the route keyword before the rule (routing
            rules differ signifi‐
            cantly from PF syntax and instead take into account netfilter FORWARD chain conventions). For example:



             ufw route allow in on eth1 out on eth2


            This will allow all traffic routed to eth2 and coming in on eth1 to traverse the firewall.



             ufw route allow in on eth0 out on eth1 to 12.34.45.67 port 80 proto tcp


            This rule allows any packets coming in on eth0 to traverse the firewall out on eth1 to tcp port 80 on 12.34.45.67.



            In addition to routing rules and policy, you must also setup IP forwarding. This may be done by setting the following in
            /etc/ufw/sysctl.conf:



             net/ipv4/ip_forward=1
            net/ipv6/conf/default/forwarding=1
            net/ipv6/conf/all/forwarding=1


            then restarting the firewall:



             ufw disable
            ufw enable


            Be aware that setting kernel tunables is operating system specific and ufw sysctl settings may be overridden. See the sysctl
            manual page for details.






            share























              Your Answer








              StackExchange.ready(function()
              var channelOptions =
              tags: "".split(" "),
              id: "89"
              ;
              initTagRenderer("".split(" "), "".split(" "), channelOptions);

              StackExchange.using("externalEditor", function()
              // Have to fire editor after snippets, if snippets enabled
              if (StackExchange.settings.snippets.snippetsEnabled)
              StackExchange.using("snippets", function()
              createEditor();
              );

              else
              createEditor();

              );

              function createEditor()
              StackExchange.prepareEditor(
              heartbeatType: 'answer',
              autoActivateHeartbeat: false,
              convertImagesToLinks: true,
              noModals: true,
              showLowRepImageUploadWarning: true,
              reputationToPostImages: 10,
              bindNavPrevention: true,
              postfix: "",
              imageUploader:
              brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
              contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
              allowUrls: true
              ,
              onDemand: true,
              discardSelector: ".discard-answer"
              ,immediatelyShowMarkdownHelp:true
              );



              );













              draft saved

              draft discarded


















              StackExchange.ready(
              function ()
              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f161346%2fhow-to-configure-ufw-to-allow-ip-forwarding%23new-answer', 'question_page');

              );

              Post as a guest















              Required, but never shown

























              4 Answers
              4






              active

              oldest

              votes








              4 Answers
              4






              active

              oldest

              votes









              active

              oldest

              votes






              active

              oldest

              votes









              17














              I figured it out.



              Edit /etc/default/ufw and set DEFAULT_FORWARD_POLICY to ACCEPT:



              DEFAULT_FORWARD_POLICY="ACCEPT"





              share|improve this answer


















              • 9





                Is there any way of allowing only it to forward specific ports, not setting it to ACCEPT everything?

                – Marcus Downing
                Jul 24 '13 at 15:11











              • I guess you need to restart ufw after editing the file: service ufw restart

                – Minh Danh
                Aug 13 '17 at 7:51















              17














              I figured it out.



              Edit /etc/default/ufw and set DEFAULT_FORWARD_POLICY to ACCEPT:



              DEFAULT_FORWARD_POLICY="ACCEPT"





              share|improve this answer


















              • 9





                Is there any way of allowing only it to forward specific ports, not setting it to ACCEPT everything?

                – Marcus Downing
                Jul 24 '13 at 15:11











              • I guess you need to restart ufw after editing the file: service ufw restart

                – Minh Danh
                Aug 13 '17 at 7:51













              17












              17








              17







              I figured it out.



              Edit /etc/default/ufw and set DEFAULT_FORWARD_POLICY to ACCEPT:



              DEFAULT_FORWARD_POLICY="ACCEPT"





              share|improve this answer













              I figured it out.



              Edit /etc/default/ufw and set DEFAULT_FORWARD_POLICY to ACCEPT:



              DEFAULT_FORWARD_POLICY="ACCEPT"






              share|improve this answer












              share|improve this answer



              share|improve this answer










              answered Jul 9 '12 at 3:55









              Stephen RCStephen RC

              2,34162944




              2,34162944







              • 9





                Is there any way of allowing only it to forward specific ports, not setting it to ACCEPT everything?

                – Marcus Downing
                Jul 24 '13 at 15:11











              • I guess you need to restart ufw after editing the file: service ufw restart

                – Minh Danh
                Aug 13 '17 at 7:51












              • 9





                Is there any way of allowing only it to forward specific ports, not setting it to ACCEPT everything?

                – Marcus Downing
                Jul 24 '13 at 15:11











              • I guess you need to restart ufw after editing the file: service ufw restart

                – Minh Danh
                Aug 13 '17 at 7:51







              9




              9





              Is there any way of allowing only it to forward specific ports, not setting it to ACCEPT everything?

              – Marcus Downing
              Jul 24 '13 at 15:11





              Is there any way of allowing only it to forward specific ports, not setting it to ACCEPT everything?

              – Marcus Downing
              Jul 24 '13 at 15:11













              I guess you need to restart ufw after editing the file: service ufw restart

              – Minh Danh
              Aug 13 '17 at 7:51





              I guess you need to restart ufw after editing the file: service ufw restart

              – Minh Danh
              Aug 13 '17 at 7:51













              6














              if you set the DEFAULT_FORWARD_POLICY to ACCEPT in /etc/default/ufw the firewall will forward all packets regardless of the settings of the user interface.



              I think the user interface is only meant for simple in/out filtering. For forwarding you need to add iptables rules in /etc/ufw/before.rules like here:



              -A ufw-before-forward -i eth1 -p tcp -d 192.168.1.11 --dport 22 -j ACCEPT


              You probably already have a rule that lets connections from inside out and another that lets packets from related and established tcp sessions back in.



              I'm no iptables specialist, it took me a very long time to figure this out (with ip6tables, but it should be similar). Maybe this is not all it takes in your case.



              Best greetings






              share|improve this answer



























                6














                if you set the DEFAULT_FORWARD_POLICY to ACCEPT in /etc/default/ufw the firewall will forward all packets regardless of the settings of the user interface.



                I think the user interface is only meant for simple in/out filtering. For forwarding you need to add iptables rules in /etc/ufw/before.rules like here:



                -A ufw-before-forward -i eth1 -p tcp -d 192.168.1.11 --dport 22 -j ACCEPT


                You probably already have a rule that lets connections from inside out and another that lets packets from related and established tcp sessions back in.



                I'm no iptables specialist, it took me a very long time to figure this out (with ip6tables, but it should be similar). Maybe this is not all it takes in your case.



                Best greetings






                share|improve this answer

























                  6












                  6








                  6







                  if you set the DEFAULT_FORWARD_POLICY to ACCEPT in /etc/default/ufw the firewall will forward all packets regardless of the settings of the user interface.



                  I think the user interface is only meant for simple in/out filtering. For forwarding you need to add iptables rules in /etc/ufw/before.rules like here:



                  -A ufw-before-forward -i eth1 -p tcp -d 192.168.1.11 --dport 22 -j ACCEPT


                  You probably already have a rule that lets connections from inside out and another that lets packets from related and established tcp sessions back in.



                  I'm no iptables specialist, it took me a very long time to figure this out (with ip6tables, but it should be similar). Maybe this is not all it takes in your case.



                  Best greetings






                  share|improve this answer













                  if you set the DEFAULT_FORWARD_POLICY to ACCEPT in /etc/default/ufw the firewall will forward all packets regardless of the settings of the user interface.



                  I think the user interface is only meant for simple in/out filtering. For forwarding you need to add iptables rules in /etc/ufw/before.rules like here:



                  -A ufw-before-forward -i eth1 -p tcp -d 192.168.1.11 --dport 22 -j ACCEPT


                  You probably already have a rule that lets connections from inside out and another that lets packets from related and established tcp sessions back in.



                  I'm no iptables specialist, it took me a very long time to figure this out (with ip6tables, but it should be similar). Maybe this is not all it takes in your case.



                  Best greetings







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered Sep 2 '13 at 5:46









                  Jay ChristnachJay Christnach

                  6111




                  6111





















                      2














                      This ufw command worked for me nicely:

                      sudo ufw default allow FORWARD



                      To be sure the change is applied: sudo service ufw restart






                      share|improve this answer























                      • This gives an "Invalid syntax" error. Docs say "DIRECTION is one of incoming, outgoing or routed".

                        – ColinM
                        Jun 6 '18 at 15:50











                      • @ColinM this worked for me on Xubuntu 16.04.5 LTS

                        – baptx
                        Aug 7 '18 at 10:37











                      • FORWARD works like alias for routed on Ubuntu

                        – patricktokeeffe
                        Feb 7 at 21:56















                      2














                      This ufw command worked for me nicely:

                      sudo ufw default allow FORWARD



                      To be sure the change is applied: sudo service ufw restart






                      share|improve this answer























                      • This gives an "Invalid syntax" error. Docs say "DIRECTION is one of incoming, outgoing or routed".

                        – ColinM
                        Jun 6 '18 at 15:50











                      • @ColinM this worked for me on Xubuntu 16.04.5 LTS

                        – baptx
                        Aug 7 '18 at 10:37











                      • FORWARD works like alias for routed on Ubuntu

                        – patricktokeeffe
                        Feb 7 at 21:56













                      2












                      2








                      2







                      This ufw command worked for me nicely:

                      sudo ufw default allow FORWARD



                      To be sure the change is applied: sudo service ufw restart






                      share|improve this answer













                      This ufw command worked for me nicely:

                      sudo ufw default allow FORWARD



                      To be sure the change is applied: sudo service ufw restart







                      share|improve this answer












                      share|improve this answer



                      share|improve this answer










                      answered May 28 '18 at 17:19









                      dcborgdcborg

                      211




                      211












                      • This gives an "Invalid syntax" error. Docs say "DIRECTION is one of incoming, outgoing or routed".

                        – ColinM
                        Jun 6 '18 at 15:50











                      • @ColinM this worked for me on Xubuntu 16.04.5 LTS

                        – baptx
                        Aug 7 '18 at 10:37











                      • FORWARD works like alias for routed on Ubuntu

                        – patricktokeeffe
                        Feb 7 at 21:56

















                      • This gives an "Invalid syntax" error. Docs say "DIRECTION is one of incoming, outgoing or routed".

                        – ColinM
                        Jun 6 '18 at 15:50











                      • @ColinM this worked for me on Xubuntu 16.04.5 LTS

                        – baptx
                        Aug 7 '18 at 10:37











                      • FORWARD works like alias for routed on Ubuntu

                        – patricktokeeffe
                        Feb 7 at 21:56
















                      This gives an "Invalid syntax" error. Docs say "DIRECTION is one of incoming, outgoing or routed".

                      – ColinM
                      Jun 6 '18 at 15:50





                      This gives an "Invalid syntax" error. Docs say "DIRECTION is one of incoming, outgoing or routed".

                      – ColinM
                      Jun 6 '18 at 15:50













                      @ColinM this worked for me on Xubuntu 16.04.5 LTS

                      – baptx
                      Aug 7 '18 at 10:37





                      @ColinM this worked for me on Xubuntu 16.04.5 LTS

                      – baptx
                      Aug 7 '18 at 10:37













                      FORWARD works like alias for routed on Ubuntu

                      – patricktokeeffe
                      Feb 7 at 21:56





                      FORWARD works like alias for routed on Ubuntu

                      – patricktokeeffe
                      Feb 7 at 21:56











                      0














                      It's now possible - from ufw man page:




                      Rules for traffic not destined for the host itself but instead for traffic that should be routed/forwarded through the
                      firewall should specify the route keyword before the rule (routing
                      rules differ signifi‐
                      cantly from PF syntax and instead take into account netfilter FORWARD chain conventions). For example:



                       ufw route allow in on eth1 out on eth2


                      This will allow all traffic routed to eth2 and coming in on eth1 to traverse the firewall.



                       ufw route allow in on eth0 out on eth1 to 12.34.45.67 port 80 proto tcp


                      This rule allows any packets coming in on eth0 to traverse the firewall out on eth1 to tcp port 80 on 12.34.45.67.



                      In addition to routing rules and policy, you must also setup IP forwarding. This may be done by setting the following in
                      /etc/ufw/sysctl.conf:



                       net/ipv4/ip_forward=1
                      net/ipv6/conf/default/forwarding=1
                      net/ipv6/conf/all/forwarding=1


                      then restarting the firewall:



                       ufw disable
                      ufw enable


                      Be aware that setting kernel tunables is operating system specific and ufw sysctl settings may be overridden. See the sysctl
                      manual page for details.






                      share



























                        0














                        It's now possible - from ufw man page:




                        Rules for traffic not destined for the host itself but instead for traffic that should be routed/forwarded through the
                        firewall should specify the route keyword before the rule (routing
                        rules differ signifi‐
                        cantly from PF syntax and instead take into account netfilter FORWARD chain conventions). For example:



                         ufw route allow in on eth1 out on eth2


                        This will allow all traffic routed to eth2 and coming in on eth1 to traverse the firewall.



                         ufw route allow in on eth0 out on eth1 to 12.34.45.67 port 80 proto tcp


                        This rule allows any packets coming in on eth0 to traverse the firewall out on eth1 to tcp port 80 on 12.34.45.67.



                        In addition to routing rules and policy, you must also setup IP forwarding. This may be done by setting the following in
                        /etc/ufw/sysctl.conf:



                         net/ipv4/ip_forward=1
                        net/ipv6/conf/default/forwarding=1
                        net/ipv6/conf/all/forwarding=1


                        then restarting the firewall:



                         ufw disable
                        ufw enable


                        Be aware that setting kernel tunables is operating system specific and ufw sysctl settings may be overridden. See the sysctl
                        manual page for details.






                        share

























                          0












                          0








                          0







                          It's now possible - from ufw man page:




                          Rules for traffic not destined for the host itself but instead for traffic that should be routed/forwarded through the
                          firewall should specify the route keyword before the rule (routing
                          rules differ signifi‐
                          cantly from PF syntax and instead take into account netfilter FORWARD chain conventions). For example:



                           ufw route allow in on eth1 out on eth2


                          This will allow all traffic routed to eth2 and coming in on eth1 to traverse the firewall.



                           ufw route allow in on eth0 out on eth1 to 12.34.45.67 port 80 proto tcp


                          This rule allows any packets coming in on eth0 to traverse the firewall out on eth1 to tcp port 80 on 12.34.45.67.



                          In addition to routing rules and policy, you must also setup IP forwarding. This may be done by setting the following in
                          /etc/ufw/sysctl.conf:



                           net/ipv4/ip_forward=1
                          net/ipv6/conf/default/forwarding=1
                          net/ipv6/conf/all/forwarding=1


                          then restarting the firewall:



                           ufw disable
                          ufw enable


                          Be aware that setting kernel tunables is operating system specific and ufw sysctl settings may be overridden. See the sysctl
                          manual page for details.






                          share













                          It's now possible - from ufw man page:




                          Rules for traffic not destined for the host itself but instead for traffic that should be routed/forwarded through the
                          firewall should specify the route keyword before the rule (routing
                          rules differ signifi‐
                          cantly from PF syntax and instead take into account netfilter FORWARD chain conventions). For example:



                           ufw route allow in on eth1 out on eth2


                          This will allow all traffic routed to eth2 and coming in on eth1 to traverse the firewall.



                           ufw route allow in on eth0 out on eth1 to 12.34.45.67 port 80 proto tcp


                          This rule allows any packets coming in on eth0 to traverse the firewall out on eth1 to tcp port 80 on 12.34.45.67.



                          In addition to routing rules and policy, you must also setup IP forwarding. This may be done by setting the following in
                          /etc/ufw/sysctl.conf:



                           net/ipv4/ip_forward=1
                          net/ipv6/conf/default/forwarding=1
                          net/ipv6/conf/all/forwarding=1


                          then restarting the firewall:



                           ufw disable
                          ufw enable


                          Be aware that setting kernel tunables is operating system specific and ufw sysctl settings may be overridden. See the sysctl
                          manual page for details.







                          share











                          share


                          share










                          answered 4 mins ago









                          Michal SylwesterMichal Sylwester

                          112




                          112



























                              draft saved

                              draft discarded
















































                              Thanks for contributing an answer to Ask Ubuntu!


                              • Please be sure to answer the question. Provide details and share your research!

                              But avoid


                              • Asking for help, clarification, or responding to other answers.

                              • Making statements based on opinion; back them up with references or personal experience.

                              To learn more, see our tips on writing great answers.




                              draft saved


                              draft discarded














                              StackExchange.ready(
                              function ()
                              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f161346%2fhow-to-configure-ufw-to-allow-ip-forwarding%23new-answer', 'question_page');

                              );

                              Post as a guest















                              Required, but never shown





















































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown

































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown







                              Popular posts from this blog

                              Möglingen Índice Localización Historia Demografía Referencias Enlaces externos Menú de navegación48°53′18″N 9°07′45″E / 48.888333333333, 9.129166666666748°53′18″N 9°07′45″E / 48.888333333333, 9.1291666666667Sitio web oficial Mapa de Möglingen«Gemeinden in Deutschland nach Fläche, Bevölkerung und Postleitzahl am 30.09.2016»Möglingen

                              Virtualbox - Configuration error: Querying “UUID” failed (VERR_CFGM_VALUE_NOT_FOUND)“VERR_SUPLIB_WORLD_WRITABLE” error when trying to installing OS in virtualboxVirtual Box Kernel errorFailed to open a seesion for the virtual machineFailed to open a session for the virtual machineUbuntu 14.04 LTS Virtualbox errorcan't use VM VirtualBoxusing virtualboxI can't run Linux-64 Bit on VirtualBoxUnable to insert the virtual optical disk (VBoxguestaddition) in virtual machine for ubuntu server in win 10VirtuaBox in Ubuntu 18.04 Issues with Win10.ISO Installation

                              Torre de la Isleta Índice Véase también Referencias Bibliografía Enlaces externos Menú de navegación38°25′58″N 0°23′02″O / 38.43277778, -0.3838888938°25′58″N 0°23′02″O / 38.43277778, -0.38388889Torre de la Illeta de l’Horta o Torre Saleta. Base de datos de bienes inmuebles. Patrimonio Cultural. Secretaría de Estado de CulturaFicha BIC Torre de la Illeta de l’Horta. Dirección General de Patrimonio Cultural. Generalitat ValencianaLugares de interés. Ayuntamiento del CampelloTorre de la Isleta en CastillosNet.org