[Touch-packages] [Bug 1914816] Re: ufw not logging if it decides to stop all traffic ? Confused
Thanks for the additional information! :) ** Changed in: ufw (Ubuntu) Status: Incomplete => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ufw in Ubuntu. https://bugs.launchpad.net/bugs/1914816 Title: ufw not logging if it decides to stop all traffic ? Confused Status in ufw package in Ubuntu: Invalid Bug description: Sorry, this is going to be a very bad report. Here's what I did: - installed gufw and enabled it, no rules, just default incoming=deny outgoing=accept - rebooted - Ethernet says it connected - no network access; ping 1.1.1.1 fails - launch gufw, and it says it's disabled (the whole firewall) - I think eventually I figured out that iptables had been emptied and INPUT chain set to DROP After many travails, I captured a piece of dmesg output as the system was booting, and I think it shows ufw trying to check IPv6 status and deciding to stop everything. At least logging (which was set to full in gufw) suddenly stops. In network manager, I've tried to say "ignore IPv6". I'm not sure if this trouble is related to fiddling with the "only work if IPv4 is enabled" check-box, which seems to have a ToolTip that is exactly backwards. My ISP does not give IPv6 service. I've tried many settings of the IPv6 drop-down in System Settings / Network GUI, setting and clearing the IPv4 and IPv6 required check-boxes, etc. So, I'm totally confused, but I think the log shows that logging suddenly stops (from full to zero), which must mean ufw detected some condition that made it empty out the iptables and set everything to DROP ? If so, ufw should have logged a message saying it was doing so, and I don't see such a message. So, if I'm right, at least this is a feature request that ufw should log a message when it decides to stop all IPv4 or IPv6 traffic and/or stop logging and/or wipe out all rules. Sorry about the mess of a report. I'm using Kubuntu 20.10, gufw 20.10.0-0ubuntu1, ufw 0.36-7 ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: ufw (not installed) ProcVersionSignature: Ubuntu 5.8.0-41.46-generic 5.8.18 Uname: Linux 5.8.0-41-generic x86_64 ApportVersion: 2.20.11-0ubuntu50.5 Architecture: amd64 CasperMD5CheckResult: skip CurrentDesktop: KDE Date: Fri Feb 5 20:35:18 2021 InstallationDate: Installed on 2021-02-03 (2 days ago) InstallationMedia: Kubuntu 20.10 "Groovy Gorilla" - Release amd64 (20201022) SourcePackage: ufw UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1914816/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1914816] Re: ufw not logging if it decides to stop all traffic ? Confused
The check is not free, but it is an interesting idea to do this. I've created a wishlist bug for it: https://bugs.launchpad.net/ufw/+bug/1917325 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ufw in Ubuntu. https://bugs.launchpad.net/bugs/1914816 Title: ufw not logging if it decides to stop all traffic ? Confused Status in ufw package in Ubuntu: Invalid Bug description: Sorry, this is going to be a very bad report. Here's what I did: - installed gufw and enabled it, no rules, just default incoming=deny outgoing=accept - rebooted - Ethernet says it connected - no network access; ping 1.1.1.1 fails - launch gufw, and it says it's disabled (the whole firewall) - I think eventually I figured out that iptables had been emptied and INPUT chain set to DROP After many travails, I captured a piece of dmesg output as the system was booting, and I think it shows ufw trying to check IPv6 status and deciding to stop everything. At least logging (which was set to full in gufw) suddenly stops. In network manager, I've tried to say "ignore IPv6". I'm not sure if this trouble is related to fiddling with the "only work if IPv4 is enabled" check-box, which seems to have a ToolTip that is exactly backwards. My ISP does not give IPv6 service. I've tried many settings of the IPv6 drop-down in System Settings / Network GUI, setting and clearing the IPv4 and IPv6 required check-boxes, etc. So, I'm totally confused, but I think the log shows that logging suddenly stops (from full to zero), which must mean ufw detected some condition that made it empty out the iptables and set everything to DROP ? If so, ufw should have logged a message saying it was doing so, and I don't see such a message. So, if I'm right, at least this is a feature request that ufw should log a message when it decides to stop all IPv4 or IPv6 traffic and/or stop logging and/or wipe out all rules. Sorry about the mess of a report. I'm using Kubuntu 20.10, gufw 20.10.0-0ubuntu1, ufw 0.36-7 ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: ufw (not installed) ProcVersionSignature: Ubuntu 5.8.0-41.46-generic 5.8.18 Uname: Linux 5.8.0-41-generic x86_64 ApportVersion: 2.20.11-0ubuntu50.5 Architecture: amd64 CasperMD5CheckResult: skip CurrentDesktop: KDE Date: Fri Feb 5 20:35:18 2021 InstallationDate: Installed on 2021-02-03 (2 days ago) InstallationMedia: Kubuntu 20.10 "Groovy Gorilla" - Release amd64 (20201022) SourcePackage: ufw UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1914816/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1914816] Re: ufw not logging if it decides to stop all traffic ? Confused
Okay, thanks, check-requirements gives: WARN: detected other firewall applications: firewalld (if enabled, these applications may interfere with ufw) Is there some way this check could be done in more places, and a warning given to the user in each place ? The ufw and gufw GUI applications should do that each time they are launched. It would be great to have this warning in the system log, too. Maybe even the install scripts for ufw and gufw should check too. Thanks. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ufw in Ubuntu. https://bugs.launchpad.net/bugs/1914816 Title: ufw not logging if it decides to stop all traffic ? Confused Status in ufw package in Ubuntu: Incomplete Bug description: Sorry, this is going to be a very bad report. Here's what I did: - installed gufw and enabled it, no rules, just default incoming=deny outgoing=accept - rebooted - Ethernet says it connected - no network access; ping 1.1.1.1 fails - launch gufw, and it says it's disabled (the whole firewall) - I think eventually I figured out that iptables had been emptied and INPUT chain set to DROP After many travails, I captured a piece of dmesg output as the system was booting, and I think it shows ufw trying to check IPv6 status and deciding to stop everything. At least logging (which was set to full in gufw) suddenly stops. In network manager, I've tried to say "ignore IPv6". I'm not sure if this trouble is related to fiddling with the "only work if IPv4 is enabled" check-box, which seems to have a ToolTip that is exactly backwards. My ISP does not give IPv6 service. I've tried many settings of the IPv6 drop-down in System Settings / Network GUI, setting and clearing the IPv4 and IPv6 required check-boxes, etc. So, I'm totally confused, but I think the log shows that logging suddenly stops (from full to zero), which must mean ufw detected some condition that made it empty out the iptables and set everything to DROP ? If so, ufw should have logged a message saying it was doing so, and I don't see such a message. So, if I'm right, at least this is a feature request that ufw should log a message when it decides to stop all IPv4 or IPv6 traffic and/or stop logging and/or wipe out all rules. Sorry about the mess of a report. I'm using Kubuntu 20.10, gufw 20.10.0-0ubuntu1, ufw 0.36-7 ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: ufw (not installed) ProcVersionSignature: Ubuntu 5.8.0-41.46-generic 5.8.18 Uname: Linux 5.8.0-41-generic x86_64 ApportVersion: 2.20.11-0ubuntu50.5 Architecture: amd64 CasperMD5CheckResult: skip CurrentDesktop: KDE Date: Fri Feb 5 20:35:18 2021 InstallationDate: Installed on 2021-02-03 (2 days ago) InstallationMedia: Kubuntu 20.10 "Groovy Gorilla" - Release amd64 (20201022) SourcePackage: ufw UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1914816/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1914816] Re: ufw not logging if it decides to stop all traffic ? Confused
Hi. A few things: ufw is capable of logging (see 'man ufw' the part about 'ufw logging' as well as per rule logging with 'ufw ... log' or 'ufw ... log-all'. It is also capable of ipv6 (see /etc/default/ufw. Also, gufw is a different project than ufw, but it sounds like the issue you saw may be seeing is another firewall is in place. What is the output of 'sudo /usr/share/ufw/check-requirements'? ** Changed in: ufw (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ufw in Ubuntu. https://bugs.launchpad.net/bugs/1914816 Title: ufw not logging if it decides to stop all traffic ? Confused Status in ufw package in Ubuntu: Incomplete Bug description: Sorry, this is going to be a very bad report. Here's what I did: - installed gufw and enabled it, no rules, just default incoming=deny outgoing=accept - rebooted - Ethernet says it connected - no network access; ping 1.1.1.1 fails - launch gufw, and it says it's disabled (the whole firewall) - I think eventually I figured out that iptables had been emptied and INPUT chain set to DROP After many travails, I captured a piece of dmesg output as the system was booting, and I think it shows ufw trying to check IPv6 status and deciding to stop everything. At least logging (which was set to full in gufw) suddenly stops. In network manager, I've tried to say "ignore IPv6". I'm not sure if this trouble is related to fiddling with the "only work if IPv4 is enabled" check-box, which seems to have a ToolTip that is exactly backwards. My ISP does not give IPv6 service. I've tried many settings of the IPv6 drop-down in System Settings / Network GUI, setting and clearing the IPv4 and IPv6 required check-boxes, etc. So, I'm totally confused, but I think the log shows that logging suddenly stops (from full to zero), which must mean ufw detected some condition that made it empty out the iptables and set everything to DROP ? If so, ufw should have logged a message saying it was doing so, and I don't see such a message. So, if I'm right, at least this is a feature request that ufw should log a message when it decides to stop all IPv4 or IPv6 traffic and/or stop logging and/or wipe out all rules. Sorry about the mess of a report. I'm using Kubuntu 20.10, gufw 20.10.0-0ubuntu1, ufw 0.36-7 ProblemType: Bug DistroRelease: Ubuntu 20.10 Package: ufw (not installed) ProcVersionSignature: Ubuntu 5.8.0-41.46-generic 5.8.18 Uname: Linux 5.8.0-41-generic x86_64 ApportVersion: 2.20.11-0ubuntu50.5 Architecture: amd64 CasperMD5CheckResult: skip CurrentDesktop: KDE Date: Fri Feb 5 20:35:18 2021 InstallationDate: Installed on 2021-02-03 (2 days ago) InstallationMedia: Kubuntu 20.10 "Groovy Gorilla" - Release amd64 (20201022) SourcePackage: ufw UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1914816/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp