[Touch-packages] [Bug 1938005] Re: ufw ignores rules
[Expired for ufw (Ubuntu) because there has been no activity for 60 days.] ** Changed in: ufw (Ubuntu) Status: Incomplete => Expired -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ufw in Ubuntu. https://bugs.launchpad.net/bugs/1938005 Title: ufw ignores rules Status in ufw package in Ubuntu: Expired Bug description: With my setting I shouldn't be able to surf web, but I can do it (without proxy/vpn) This problem happens after `iptables -F` and only way to solve it, is to reboot PC. I tried `ufw reload` , too ProblemType: Bug DistroRelease: Ubuntu 21.04 Package: ufw 0.36-7.1 ProcVersionSignature: Ubuntu 5.11.0-25.27-generic 5.11.22 Uname: Linux 5.11.0-25-generic x86_64 ApportVersion: 2.20.11-0ubuntu65.1 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: XFCE Date: Mon Jul 26 11:53:17 2021 EcryptfsInUse: Yes InstallationDate: Installed on 2021-06-17 (38 days ago) InstallationMedia: Ubuntu 21.04 "Hirsute Hippo" - Release amd64 (20210420) PackageArchitecture: all SourcePackage: ufw UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.default.ufw: 2021-07-25T22:22:29.221649 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1938005/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1938005] Re: ufw ignores rules
Recall that ufw uses connection tracking so if you add a deny rule, you may need to expire the connection tracking. One way to do this is to run: `conntrack -D -d ` (see man conntrack for details). -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ufw in Ubuntu. https://bugs.launchpad.net/bugs/1938005 Title: ufw ignores rules Status in ufw package in Ubuntu: Incomplete Bug description: With my setting I shouldn't be able to surf web, but I can do it (without proxy/vpn) This problem happens after `iptables -F` and only way to solve it, is to reboot PC. I tried `ufw reload` , too ProblemType: Bug DistroRelease: Ubuntu 21.04 Package: ufw 0.36-7.1 ProcVersionSignature: Ubuntu 5.11.0-25.27-generic 5.11.22 Uname: Linux 5.11.0-25-generic x86_64 ApportVersion: 2.20.11-0ubuntu65.1 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: XFCE Date: Mon Jul 26 11:53:17 2021 EcryptfsInUse: Yes InstallationDate: Installed on 2021-06-17 (38 days ago) InstallationMedia: Ubuntu 21.04 "Hirsute Hippo" - Release amd64 (20210420) PackageArchitecture: all SourcePackage: ufw UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.default.ufw: 2021-07-25T22:22:29.221649 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1938005/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1938005] Re: ufw ignores rules
It is true that DEFAULT_OUTPUT_POLICY="ACCEPT" but I have blocked either 443 and 80 port in rules. So I shouldn't be able to surf the web (without proxy) However, thank you so much for hot-fix you offered, it solved my problem for bug report concern 'ufw reload' should do the same (but I'm not expert. Also I don't want to annoy you anymore you solved my problem) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ufw in Ubuntu. https://bugs.launchpad.net/bugs/1938005 Title: ufw ignores rules Status in ufw package in Ubuntu: Incomplete Bug description: With my setting I shouldn't be able to surf web, but I can do it (without proxy/vpn) This problem happens after `iptables -F` and only way to solve it, is to reboot PC. I tried `ufw reload` , too ProblemType: Bug DistroRelease: Ubuntu 21.04 Package: ufw 0.36-7.1 ProcVersionSignature: Ubuntu 5.11.0-25.27-generic 5.11.22 Uname: Linux 5.11.0-25-generic x86_64 ApportVersion: 2.20.11-0ubuntu65.1 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: XFCE Date: Mon Jul 26 11:53:17 2021 EcryptfsInUse: Yes InstallationDate: Installed on 2021-06-17 (38 days ago) InstallationMedia: Ubuntu 21.04 "Hirsute Hippo" - Release amd64 (20210420) PackageArchitecture: all SourcePackage: ufw UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.default.ufw: 2021-07-25T22:22:29.221649 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1938005/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1938005] Re: ufw ignores rules
/etc/default/ufw has: DEFAULT_OUTPUT_POLICY="ACCEPT" This means that all outgoing traffic is allowed. If you would like to change that, you can use: $ sudo ufw deny outgoing This will make it more difficult for you to manage the firewall since you'll have to add rules like: $ sudo ufw allow out to any port 53 and the like. Note, using 'ufw reload' may not work as expected if you are running iptables commands by hand underneath it. In those case, I suggest: $ sudo /lib/ufw/ufw-init flush-all $ sudo ufw disable $ sudo ufw enable Please report back. Thanks again for the report. ** Changed in: ufw (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ufw in Ubuntu. https://bugs.launchpad.net/bugs/1938005 Title: ufw ignores rules Status in ufw package in Ubuntu: Incomplete Bug description: With my setting I shouldn't be able to surf web, but I can do it (without proxy/vpn) This problem happens after `iptables -F` and only way to solve it, is to reboot PC. I tried `ufw reload` , too ProblemType: Bug DistroRelease: Ubuntu 21.04 Package: ufw 0.36-7.1 ProcVersionSignature: Ubuntu 5.11.0-25.27-generic 5.11.22 Uname: Linux 5.11.0-25-generic x86_64 ApportVersion: 2.20.11-0ubuntu65.1 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: XFCE Date: Mon Jul 26 11:53:17 2021 EcryptfsInUse: Yes InstallationDate: Installed on 2021-06-17 (38 days ago) InstallationMedia: Ubuntu 21.04 "Hirsute Hippo" - Release amd64 (20210420) PackageArchitecture: all SourcePackage: ufw UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.default.ufw: 2021-07-25T22:22:29.221649 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1938005/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1938005] Re: ufw ignores rules
You have not read description fully. After running `ufw reload` rules should restore completely to iptables but it doesn't happen in complete manner. ** Changed in: ufw (Ubuntu) Status: Invalid => New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ufw in Ubuntu. https://bugs.launchpad.net/bugs/1938005 Title: ufw ignores rules Status in ufw package in Ubuntu: New Bug description: With my setting I shouldn't be able to surf web, but I can do it (without proxy/vpn) This problem happens after `iptables -F` and only way to solve it, is to reboot PC. I tried `ufw reload` , too ProblemType: Bug DistroRelease: Ubuntu 21.04 Package: ufw 0.36-7.1 ProcVersionSignature: Ubuntu 5.11.0-25.27-generic 5.11.22 Uname: Linux 5.11.0-25-generic x86_64 ApportVersion: 2.20.11-0ubuntu65.1 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: XFCE Date: Mon Jul 26 11:53:17 2021 EcryptfsInUse: Yes InstallationDate: Installed on 2021-06-17 (38 days ago) InstallationMedia: Ubuntu 21.04 "Hirsute Hippo" - Release amd64 (20210420) PackageArchitecture: all SourcePackage: ufw UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.default.ufw: 2021-07-25T22:22:29.221649 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1938005/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1938005] Re: ufw ignores rules
Thank you for the bug report. You mentioned that the problem happens after running `iptables -F`. This command removes all the rules from the firewall (see man iptables) so it would be expected that the firewall would not work correctly after running this. I'm going to mark this as Invalid, but if you have more information, feel free to add it. ** Changed in: ufw (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ufw in Ubuntu. https://bugs.launchpad.net/bugs/1938005 Title: ufw ignores rules Status in ufw package in Ubuntu: Invalid Bug description: With my setting I shouldn't be able to surf web, but I can do it (without proxy/vpn) This problem happens after `iptables -F` and only way to solve it, is to reboot PC. I tried `ufw reload` , too ProblemType: Bug DistroRelease: Ubuntu 21.04 Package: ufw 0.36-7.1 ProcVersionSignature: Ubuntu 5.11.0-25.27-generic 5.11.22 Uname: Linux 5.11.0-25-generic x86_64 ApportVersion: 2.20.11-0ubuntu65.1 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: XFCE Date: Mon Jul 26 11:53:17 2021 EcryptfsInUse: Yes InstallationDate: Installed on 2021-06-17 (38 days ago) InstallationMedia: Ubuntu 21.04 "Hirsute Hippo" - Release amd64 (20210420) PackageArchitecture: all SourcePackage: ufw UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.default.ufw: 2021-07-25T22:22:29.221649 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1938005/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
