Ceci est une ancienne révision du document !
So after a question on Telegram the other day, I decided to write a piece on networking in Ubuntu ending in Firewalls. You cannot have a proper picture of firewalls if you don’t understand why they exist.
Here is how it started:
Jimmie, [2024/02/01 18:59] So like. I'm trying to get an obs ndi setup and the thing about it is that it only seems to work when both computers have their firewall disabled.
Jimmie, [2024/02/01 18:59] Both are running linux mint and have gufw.
Jimmie, [2024/02/01 19:00] I tried allowing access between the two as an exception in the ufw rules but it didn't work.
Jimmie, [2024/02/01 19:00] The only way it worked was disabled the firewall on both of my computers and that's not really something I wanna do.
Robert, [2024/02/01 19:09] No idea what it is, but it sounds like the firewall is still blocking it
Jimmie, [2024/02/01 19:14] Oh no it definitely is but I have no idea what it's blocking specifically that requires firewall to be off.
Jimmie, [2024/02/01 19:15] Even f*ing ndi newteks website about their sh*t says to disable firewall like what Jimmie, [2024/02/01 19:15] What the f* is your protocol doing that it doesn't work even with firewall exceptions.
Jimmie, [2024/02/01 19:39] Ok so I think I'll just have to use it with the firewall off.
So what we can do is start with IP, explain basic hostname resolution, basic routing and work our way to ufw, as I think that once you understand, troubleshooting becomes a lot easier. Starting with ufw, you may end up frustrated like the person above.
Now we have already talked about the “ip” command in a previous issue.
So let’s do a very basic refresher. If you want more detail, please see the older issues.
Open your terminal and type:
ip a sh
(IP address show) We want to type as little as possible as I am lazy and typing is generally slow.
If you want just the wireless or wired, we would use:
ip l sh
(IP link show)
As you can see, very much in my opinion. As opinion’s go I don’t really like it, as when I want an address, I want it front and centre, but that is just me.
Ubuntu 20.04 and up use netplan. You can find out more on the website or you can type:
netplan info
or:
man netplan
The man page describes it thus: netplan - YAML network configuration abstraction for various backends
YAML is not difficult, it is basically: the thing, a colon and its setting.
Example - Name: Ronnie Tucker Age: 36
If you are a n00b of n00bs, I recommend cloudbees: https://www.cloudbees.com/blog/yaml-tutorial-everything-you-need-get-started
The catch is, YAML is whitespace sensitive and tabs != spaces.
YAML is used by netplan for configuring your network and it is easy to read.
Here you can see my laptop’s netplan YAML file. I need you to co -check yours.
The killer feature of netplan for me, is the “try”. If you make changes, and you are not 100% sure if they will work, you can type: netplan try -this will try your config and if it does not work, go back to what it was. Use sudo if you need to.
Getting info with netplan is also much nicer, well for me at least. Go ahead and try: netplan ip leases <your card name>
Alas, we are not doing a deep dive into netplan, if you would like one, why not drop us a message on misc@fullcirclemagazine.org ???
So now you know where to look to get basic network information on your Ubuntu machines.
So how do we find more info on your computers? A simple way is to type:
hostname
The command hostnamectl will give you the same information, but with all that juicy metadata the CIA says is not important and oh look there – a terrorist!
There is another case where you would see something different. Say I were to change my hostname from eddv to ubuv, that change does not immediately take place, so you would see something different eg:
Notice from the above screen-shot that there is now a “Transient” hostname. You can think of the transient hostname as temporary, because if the system restarts, it is gone.
The other oddball you may run into is that the machine may have a “Pretty name”. You will often see this on Macbooks, eg. “Dave’s Macbook Pro” If you have a pretty name on your Ubuntu machine, know that posix compliance will mean the hostname will not have the pretty characters.
Another reason you may not be able to see or access some other PC on your network, may be that you have it’s IP address hard coded. This will be your hosts file, where your computer can look at a list of PC’s and derive their IP addresses without needing to ask someone. When I say ask someone, I mean a DNS server. You can look at yours with: cat /etc/hosts
I will not paste mine as it is filled with https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
If you too are tired of endless amounts of horse manure on the internet, I suggest you replace your file contents with that one. That does make it difficult to spot something you may have added yourself – spotting one entry in five thousand lines is not an easy job.
Another place to look, may be the ARP cache. In Ubuntu your ARP (Address Resolution Protocol) is volatile, (It does not store anything) as it resides in /proc. Proc/ is a directory used by the Linux kernel, to give you information, it is not a “real” file, if you wanted to know. You can look at it here:
cat /proc/net/arp
In the next issue we will take this a bit further, so you can do your own troubleshooting when it comes to networking issues.