Categories
Technical

How to enable IP forwarding with UFW

I’ve just spent the last hour trying to get IP forwarding to work with UFW nicely on Ubuntu. So in the interests of the common good, and so I can find it next time, I’m posting the answer here.

The problem is simple, when UFW enabled IP forwarding doesn’t work and you get frustrated trying to find a firewall rule that will actually make it work. The fix is pretty simple too, there are two files to update:

sudo vim /etc/default/ufw

# Set the default forward policy to ACCEPT, DROP or REJECT. Please note that
# if you change this you will most likely want to adjust your rules
DEFAULT_FORWARD_POLICY="ACCEPT"

sudo vim /etc/ufw/sysctl.conf

# Uncomment this to allow this host to route packets between interfaces
net/ipv4/ip_forward=1
net/ipv6/conf/default/forwarding=1
net/ipv6/conf/all/forwarding=1

Restart UFW (sudo service ufw restart) and you should hopefully have working IP forwarding 🙂