I’m trying to open a port for transmission but before I get to know either of the 2 options I’d like to know what you recommend and why.

OS is xubuntu 24.04

    • Skull giver@popplesburger.hilciferous.nl
      8 months ago

      It’s not that Docker ignores rules, it’s that UFW doesn’t know how to handle rules it didn’t add itself. Docker (and possibly other software!) adds a new routing chain and UFW doesn’t mess with that so it doesn’t break any custom settings you may have.

      I think it’s less about Docker ignoring anything and more about UFW not working like firewalls on operating systems like Windows.
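
Added example, not part of the thread or any poster's code: an audit of `iptables-save` output that lists the ports Docker has published through its own `DOCKER` NAT chain and marks whether UFW holds any allow rule for them. It assumes the chain names Docker and UFW create with the iptables backend (`DOCKER`, `ufw-user-input`); the dump and the function names are constructed for illustration.

```python
import re

# Constructed `iptables-save` excerpt (sample data, not from the thread).
SAMPLE = """\
*nat
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A DOCKER -i docker0 -j RETURN
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 172.17.0.2:80
-A DOCKER -d 127.0.0.1/32 ! -i docker0 -p tcp -m tcp --dport 5432 -j DNAT --to-destination 172.17.0.3:5432
-A DOCKER ! -i docker0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 172.17.0.4:8443
COMMIT
*filter
-A ufw-user-input -p tcp -m tcp --dport 22 -j ACCEPT
-A ufw-user-input -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
"""

def field(rule, flag):
    """Return the value following an option such as -p or --dport, or None."""
    m = re.search(r"(?<!\S)" + re.escape(flag) + r" (\S+)", rule)
    return m.group(1) if m else None

def docker_published_ports(dump):
    """List (proto, port, container, has_ufw_allow) for non-loopback published ports."""
    table, published, allowed = None, [], set()
    for line in dump.splitlines():
        if line.startswith("*"):
            table = line[1:].strip()          # "*nat" / "*filter" section header
            continue
        if not line.startswith("-A "):
            continue
        chain, target = line.split()[1], field(line, "-j")
        proto, dport = field(line, "-p"), field(line, "--dport")
        if dport is None:
            continue
        if (table, chain, target) == ("nat", "DOCKER", "DNAT"):
            # Ports bound to loopback only are not reachable from the network.
            if not (field(line, "-d") or "").startswith("127."):
                published.append((proto, dport, field(line, "--to-destination")))
        elif (table, chain, target) == ("filter", "ufw-user-input", "ACCEPT"):
            allowed.add((proto, dport))
    return [(p, d, c, (p, d) in allowed) for p, d, c in published]

if __name__ == "__main__":
    for proto, port, container, in_ufw in docker_published_ports(SAMPLE):
        note = "also allowed in UFW" if in_ufw else "no UFW rule covers this port"
        print(f"{port}/{proto} -> {container}: {note}")
```

On a live host, feed it the output of `sudo iptables-save` instead of `SAMPLE`; a port reported without a UFW rule is one that UFW's status output will not show.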

    • exu@feditown.com
      8 months ago

      It’ll also ignore the default firewalld rules. IIRC it uses the internal zone instead

  • cereals@lemmy.ml
    8 months ago

    I like firewalld. It's also used on many enterprise distros (RHEL, SLES).

    But if you just have to open one port for something, just use what’s installed on your distro.

  • Quazatron@lemmy.world
    8 months ago

    How often are you going to be managing ports?

    Just use any tool you like, all they do is fiddle with the Kernel’s filter table.

    • exu@feditown.com
      8 months ago

      Firewalld had, at least last time I checked, way more capabilities than UFW. Both are fine at being basic firewalls, but I don’t think you can build a router using just UFW.

      Firewalld allows some pretty advanced rules. I use it to redirect a bunch of web requests going to a certain address over a local ssh tunnel.

  • yala@discuss.online
    8 months ago

    > OS is xubuntu 24.04

    Ubuntu defaults to ufw. That, by itself, justifies the use of ufw in your case.

  • BCsven@lemmy.ca
    8 months ago

    I found firewalld had so many options that it was a bit overwhelming at first, especially understanding how zones were actually meant to be used, and how each zone had a default handover for the unhandled traffic. But OpenSUSE has a GUI for it so I was able to make sense of it. UFW seemed pretty user-friendly and straightforward.

  • Varen@kbin.social
    8 months ago

    Iptables. Because in the end it's iptables, so I learned it from the beginning "the right way" and I am therefore not locked into one or another.

    • Skull giver@popplesburger.hilciferous.nl
      8 months ago

      Not anymore. It’s nftables these days. iptables to nftables converters exist, but they’re not 100% compatible.

      Furthermore, with eBPF programmable firewalls are also efficient again, and there are various tools that leverage eBPF to do network operations at near-kernel speeds, often bypassing *tables rules you may have set up.