Hi. Thanks for the reply.
When I say it doesn't work in Debian, I mean that (after connecting to nord) as soon as I set ufw to: my internet connection drops despite having the ufw rule This ufw setup works fine on Mint 21.3. It allows me to use internet normally, but if I manually disconnect the vpn (and drop the nordlynx interface) it completely kills all internet connectivity, as expected. For some reason Debian isn't recognizing my allow rule in ufw. There are no error messages per se. It's just that with deny outgoing in place I lose connectivity in my browser and anywhere else expecting internet, like software downloads or updates. Nothing beyond that happens, I just have no internet. I can get internet back by changing the rule to I'm not sure what you mean by the next question. I am using ufw to configure, it just isn't working. Also, I should point out I completely disabled ufw and flushed the iptables before using nft. I wasn't trying to use them together. The reason I looked at nft as a solution is that I thought ufw might be doing something more complex behind the scenes that I needed to deal with. If someone has a ufw solution, I'd actually prefer it as it is simpler for a novice like me. Below is the output for the commands you asked me to run: I understand that Debian sometimes requires more manual configuring than Mint. Is there something I need to do in /etc/network/interfaces? Do I need to manually configure something to make the "nordlynx" virtual network interface get recognized?
When I say it doesn't work in Debian, I mean that (after connecting to nord) as soon as I set ufw to:
Code:
sudo ufw default deny outgoingCode:
allow out on nordlynx from any to anyCode:
sudo ufw default allow outgoingCode:
ip addressCode:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever2: enp6s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000 link/ether fc:34:97:a9:11:a0 brd ff:ff:ff:ff:ff:ff3: enp9s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether fc:34:97:a9:11:a1 brd ff:ff:ff:ff:ff:ff inet 192.168.0.15/24 brd 192.168.0.255 scope global dynamic noprefixroute enp9s0 valid_lft 604521sec preferred_lft 604521sec4: nordlynx: <POINTOPOINT,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000 link/none inet 10.5.0.2/32 scope global nordlynx valid_lft forever preferred_lft foreverCode:
ip linkCode:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:002: enp6s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN mode DEFAULT group default qlen 1000 link/ether fc:34:97:a9:11:a0 brd ff:ff:ff:ff:ff:ff3: enp9s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000 link/ether fc:34:97:a9:11:a1 brd ff:ff:ff:ff:ff:ff4: nordlynx: <POINTOPOINT,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000 link/none Code:
ip routeCode:
default via 192.168.0.1 dev enp9s0 proto dhcp src 192.168.0.15 metric 100 192.168.0.0/24 dev enp9s0 proto kernel scope link src 192.168.0.15 metric 100Statistics: Posted by bazzab — 2024-08-08 17:21 — Replies 4 — Views 105