I'll leave the links etc. in case they're useful to someone. gufw profiles after fresh install (rm /etc/gufw/*.profile before starting gufw to reinstate default profiles)
Profile incoming/outgoing/routed
Home deny/allow/disabled
Public reject/allow/allow
Office deny/allow/allow
Firewall rules are found in
/etc/default/ufw
/etc/ufw/sysctl.conf
/etc/ufw/*.rules
https://wiki.ubuntu.com/UncomplicatedFirewall, Advanced Functionality heading
gufw 17.04.1, MX-17 + all updates
=================================
https://stackoverflow.com/questions/490 ... t-and-deny
https://www.reddit.com/r/linux4noobs/co ... s_between/From a security point of view "deny" is slightly preferrable [to reject]
gufw forum :The profiles are usually set by the distro, so it might mean something different. If I remember correctly, Work has masquerading on, Home doesn't. And Work allows some connections to go through (such as ssh), where Home doesn't. ...
https://itsfoss.com/set-up-firewall-gufw/What is the Difference between default profiles: Office, Home and Public? Does it mean Public is to be used when system is connecting to Public network, and Home for Home network and so on?
reply:Home is more open about default policy. Public less open.
By default, both in Home and in Office, these policies are Deny Incoming and Allow Outgoing. This enables you to use services such as http/https without letting anything get in (e.g. ssh).
For Public, they are Reject Incoming and Allow Outgoing....if you are travelling, set the firewall on public profile