Guys, thanks for the followups. I'm not sure why you are not able to reproduce what I reported. Perhaps there is a misunderstanding between us. I have some more detail to help explain what I am seeing.
Here are the firewall rules immediately after a fresh installation, i.e. before enabling the firewall: $ iptables -L INPUT -n Chain INPUT (policy ACCEPT) target prot opt source destination $ iptables -L OUTPUT -n Chain OUTPUT (policy ACCEPT) target prot opt source destination $ iptables -L FORWARD -n Chain FORWARD (policy ACCEPT) target prot opt source destination And here are the firewall rules immediately after enabling the firewall by clicking Enable in gufw's main window: $ iptables -L INPUT -n Chain INPUT (policy DROP) target prot opt source destination ufw-before-logging-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-logging-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-reject-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-track-input all -- 0.0.0.0/0 0.0.0.0/0 $ iptables -L OUTPUT -n Chain OUTPUT (policy ACCEPT) target prot opt source destination ufw-before-logging-output all -- 0.0.0.0/0 0.0.0.0/0 ufw-before-output all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-output all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-logging-output all -- 0.0.0.0/0 0.0.0.0/0 ufw-reject-output all -- 0.0.0.0/0 0.0.0.0/0 ufw-track-output all -- 0.0.0.0/0 0.0.0.0/0 iptables -L FORWARD -n Chain FORWARD (policy DROP) target prot opt source destination ufw-before-logging-forward all -- 0.0.0.0/0 0.0.0.0/0 ufw-before-forward all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-forward all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-logging-forward all -- 0.0.0.0/0 0.0.0.0/0 ufw-reject-forward all -- 0.0.0.0/0 0.0.0.0/0 Immediately after the new firewall creation: [UFW BLOCK] IN=eth0 OUT= MAC= SRC=192.168.50.8 DST=192.168.50.255 LEN=267 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=247 [UFW BLOCK] IN=eth0 OUT= MAC= SRC=192.168.50.8 DST=192.168.50.255 LEN=241 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=221 Run mintUpdate: [UFW BLOCK] IN=eth0 OUT= MAC=00:29:aa:6b:13:ca:00:21:1b:52:ef:b0:a7:00 SRC=91.189.88.46 DST=192.168.50.8 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=55764 PROTO=TCP SPT=80 DPT=32948 WINDOW=1024 RES=0x00 RST URGP=0 and lots of similar ones for other Canonical servers. -- Enabling firewall with the default rules breaks mintUpdate https://bugs.launchpad.net/bugs/566764 You received this bug notification because you are a member of Gufw Developers, which is the registrant for Gufw. Status in Gufw: New Status in The Linux Mint Distribution: Triaged Status in “gui-ufw” package in Ubuntu: Invalid Bug description: In Mint 8 Helena, enabling the firewall by clicking the Enabled button in the Firewall dialog creates a very odd set of default rules that over-cautiously blocks input packets with no allowance being made for RELATED,EXISTING connections. This is undesirable and has several consequences - for example, it completely breaks mintUpdate which can no longer receive data from Canonical's servers on port 80: [UFW BLOCK] IN=eth0 OUT= MAC=00:29:aa:6b:13:ca:00:21:1b:52:ef:b0:a7:00 SRC=91.189.88.46 DST=192.168.50.8 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=55764 PROTO=TCP SPT=80 DPT=32948 WINDOW=1024 RES=0x00 RST URGP=0 _______________________________________________ Mailing list: https://launchpad.net/~gufw-developers Post to : [email protected] Unsubscribe : https://launchpad.net/~gufw-developers More help : https://help.launchpad.net/ListHelp
