Hello Pedro, thanks for the report; this was an explicit decision: https://wiki.ubuntu.com/SecurityTeam/FAQ#UFW
Making firewall rules that are tight enough to stop threats yet open enough for the computer to still be useful in a wide variety of environments is very challenging. We've decided that it's better for the tools to be available but not try to provide a default configuration. Thanks ** Information type changed from Private Security to Public Security ** Changed in: ufw (Ubuntu) Status: New => Opinion -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ufw in Ubuntu. https://bugs.launchpad.net/bugs/1999155 Title: UFW Disabled by default Status in ufw package in Ubuntu: Opinion Bug description: UFW or iptables is disabled by default on both ubuntu server and desktop, which poses a major security risk as ports that shouldn't be open, are open by default, specially for incoming connections. If UFW breaks working apps on Ubuntu server and desktop, at least make it enabled by default but reject all incoming connections. Malware and exploits are out in the open, and no one in their sane mind would a Firewall suit disabled on Linux or Windows. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1999155/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp