3.5.2.2 Ensure ufw is uninstalled or disabled with nftables

Information

Uncomplicated Firewall (UFW) is a program for managing a netfilter firewall designed to be easy to use.

Rationale:

Running both the nftables service and ufw may lead to conflict and unexpected results.

Solution

Run one of the following commands to either remove ufw or disable ufw
Run the following command to remove ufw:

# apt purge ufw

Run the following command to disable ufw:

# ufw disable

See Also

https://workbench.cisecurity.org/files/3219

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7(12), CSCv7|9.4

Plugin: Unix

Control ID: 60e1680cb87677d79a1cb1b5a3027293986379b93fa29bbe28c214510f133607