Your message dated Tue, 20 Nov 2018 15:40:04 -0600
with message-id <20181120214004.GC5285@iolanthe>
and subject line Re: Bug#913112: ufw all traffic blocked, icmp-type + logging
error on enable
has caused the Debian Bug report #909163,
regarding ufw insert nr deny from ipv6-ip failes
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
909163: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909163
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: ufw
Version: 0.35-4
Severity: important
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation? fail2ban is failing with ufw
* What exactly did you do (or not do) that was effective (or
ineffective)? Setting fail2ban with a custom ufw action fails.
I'm using ufw insert <insertpos> deny from <ip>
Now, using : ufw deny from 2003:f6:ebc1:aa00:2208:c7a6:94a5:26b7 to any
works fine.
but i want : ufw insert 1 deny from 2003:f6:ebc1:aa00:2208:c7a6:94a5:26b7
but that responces with : ERROR: Invalid position '1'
When i use : ufw deny from 2003:f6:ebc1:aa00:2208:c7a6:94a5:26b7 to any
The rule is added but is added at the end of my ipv6 rules and not before
them.
* What was the outcome of this action? ERROR: Invalid position '1'
and no ipv6 rule was added.
* What outcome did you expect instead? a ipv6 rule place at position 1, or
at least before all other ipv6 rules.
*** End of the template - remove these template lines ***
-- System Information:
Debian Release: 9.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-8-amd64 (SMP w/12 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages ufw depends on:
ii debconf [debconf-2.0] 1.5.61
ii init-system-helpers 1.48
ii iptables 1.6.0+snapshot20161117-6
ii lsb-base 9.20161125
ii python3 3.5.3-1
ii ucf 3.0036
ufw recommends no packages.
Versions of packages ufw suggests:
ii rsyslog 8.24.0-1
-- Configuration Files:
/etc/default/ufw changed:
IPV6=no
DEFAULT_INPUT_POLICY="DROP"
DEFAULT_OUTPUT_POLICY="DROP"
DEFAULT_FORWARD_POLICY="DROP"
DEFAULT_APPLICATION_POLICY="SKIP"
MANAGE_BUILTINS=no
IPT_SYSCTL=/etc/ufw/sysctl.conf
IPT_MODULES="nf_conntrack_ftp nf_nat_ftp nf_conntrack_netbios_ns"
/etc/rsyslog.d/20-ufw.conf changed:
:msg,contains,"[UFW " /var/log/ufw.log
& stop
-- debconf information:
ufw/existing_configuration:
ufw/allow_custom_ports:
ufw/allow_known_ports:
ufw/enable: false
--- End Message ---
--- Begin Message ---
This issue is caused be a regression in iptables 1.8.1:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912610
This is now addressed in iptables. Please upgrade to iptables 1.8.2-2 and ufw
should start work again. If not, please file a new bug.
Thanks!
--
Jamie Strandboge | http://www.canonical.com
signature.asc
Description: PGP signature
--- End Message ---
