Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: ufw (Ubuntu)
       Status: New => Confirmed

  With UFW enabled, kernel reports SYN flooding

Status in ufw package in Ubuntu:

Bug description:
  So, this is a fun one.

  I have an Epson XP-610 multifunction
  scanner/printer/coffeemaker/whiskey distillery. It uses an XSane
  plugin, which spawns an intermediary network app
  (/usr/lib/iscan/network) which detects and talks to the scanner. These
  packages can all be obtained from here:

  Anyway, if you have UFW disabled, it works. If you enable UFW, however,
  it works intermittently and takes forever to start up. Checking my
  syslog, I find:

  Oct  6 22:48:00 hiro kernel: [48176.543355] TCP: request_sock_TCP:
  Possible SYN flooding on port 40796. Dropping request.  Check SNMP

  A wireshark capture shows two things:
  1.) It is communicating on that port on the "lo" interface, not any real 
  2.) There's one SYN. Not a lot. Just a single SYN. And then TCP retries. And
  then eventually it works. Sometimes.

  Anyway, if I edit /etc/ufw/sysctl.conf, and set
  net/ipv4/tcp_syncookies=1, and then disable and reenable UFW, it
  works, with the following syslog entry:

  Oct  7 20:26:18 hiro kernel: [13666.745140] TCP: request_sock_TCP:
  Possible SYN flooding on port 42751. Sending cookies.  Check SNMP

  Now, to be clear, I think the syncookies is a workaround for a more
  serious problem. Namely, why does the kernel think it's under attack
  to begin with?

  Anyway, I'm not certain this is really a UFW bug, but I'm starting
  here because UFW seems to make it worse. Feel free to reclassify as a
  kernel bug.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: ufw 0.35-0ubuntu2
  ProcVersionSignature: Ubuntu 4.4.0-38.57-generic 4.4.19
  Uname: Linux 4.4.0-38-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2.1
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Fri Oct  7 20:20:00 2016
  PackageArchitecture: all
  SourcePackage: ufw
  UpgradeStatus: Upgraded to xenial on 2016-09-30 (7 days ago)
  mtime.conffile..etc.ufw.sysctl.conf: 2016-10-06T23:11:58.680226
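
A triage aid for the symptom reported above, added here as an example and not part of the bug report or of ufw: it pulls the port and the kernel's action (request dropped or cookie sent) out of syslog lines, and reads the two TcpExt counters that count the same events from /proc/net/netstat-format text. The sample log and counter text are constructed, and the counter names TCPReqQFullDrop and TCPReqQFullDoCookies are assumed to be present on the running kernel.

```python
import re

# Constructed sample input modelled on the syslog lines quoted in the report.
SAMPLE_SYSLOG = """\
Oct  6 22:48:00 hiro kernel: [48176.543355] TCP: request_sock_TCP: Possible SYN flooding on port 40796. Dropping request.  Check SNMP counters.
Oct  6 22:49:10 hiro kernel: [48246.100000] usb 1-1: new high-speed USB device number 5 using xhci_hcd
Oct  7 20:26:18 hiro kernel: [13666.745140] TCP: request_sock_TCP: Possible SYN flooding on port 42751. Sending cookies.  Check SNMP counters.
"""

# Constructed /proc/net/netstat excerpt (header line, then value line).
SAMPLE_NETSTAT = """\
TcpExt: SyncookiesSent ListenOverflows ListenDrops TCPReqQFullDoCookies TCPReqQFullDrop
TcpExt: 1 0 0 1 1
"""

WARN_RE = re.compile(
    r"Possible SYN flooding on port (?P<port>\d+)\. "
    r"(?P<action>Dropping request|Sending cookies)\."
)

def syn_flood_events(syslog_text):
    """Return (port, action) for every kernel SYN-flood warning in the text."""
    events = []
    for line in syslog_text.splitlines():
        m = WARN_RE.search(line)
        if m:
            events.append((int(m.group("port")), m.group("action")))
    return events

def tcpext_counters(netstat_text, wanted):
    """Pair the TcpExt header line with its value line; return wanted counters."""
    rows = [l.split()[1:] for l in netstat_text.splitlines() if l.startswith("TcpExt:")]
    if len(rows) < 2 or len(rows[0]) != len(rows[1]):
        raise ValueError("expected a TcpExt header line and a matching value line")
    table = dict(zip(rows[0], map(int, rows[1])))
    return {name: table.get(name) for name in wanted}

def summarize(syslog_text, netstat_text):
    """Group warned ports by action and attach the request-queue-full counters."""
    by_action = {}
    for port, action in syn_flood_events(syslog_text):
        by_action.setdefault(action, []).append(port)
    counters = tcpext_counters(netstat_text, ["TCPReqQFullDrop", "TCPReqQFullDoCookies"])
    return by_action, counters

if __name__ == "__main__":
    print(summarize(SAMPLE_SYSLOG, SAMPLE_NETSTAT))
```

On a live system, pass the contents of the syslog file and of /proc/net/netstat instead of the constructed samples, and compare the counters before and after reproducing the slow start-up.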
