Requirements

1. Availability: http://archive.ubuntu.com/ubuntu/pool/universe/u/ufw; available for all supported architectures

2. Rationale:

   • https://wiki.ubuntu.com/UbuntuFirewall

3. Security:

   • No CVE entries

   • No Secunia history

   • No suid/sgid root binaries
   • No daemons
   • Does not open a port or process network data
   • Single monolithic python script (/usr/sbin/ufw). No source code review.

4. Quality assurance:

   • On installation, the user must explicitly enable the firewall with 'ufw enable', otherwise no firewalling is performed.
   • The package has one note, which notifies the user of having to manually migrate ufw.rules if it exists. This file was included in 0.7, but version 0.9 (which doesn't include the file) is the one that was announced to the Ubuntu community.
   • This is a native Ubuntu package and not included in Debian

   • Upstream is vigorous

   • Upstream bug tracker: no relevant bugs

5. Standards compliance:

   • FHS, Debian Policy compliant

   • PEP-8 compliant

   • Uses debhelper, pycentral and ucf. Follows Debian Python New Policy. Does not include a patch system (native package).

6. Dependencies:

   • Depends on debconf, iptables, python, and ucf, all of which are in main.

Reviewers

MIR bug: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/189744

JamieStrandboge