Hello les, or anyone else affected, Accepted ufw into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/ufw/0.36-0ubuntu0.18.04.1 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ufw in Ubuntu. https://bugs.launchpad.net/bugs/1719211 Title: Bad interface name Status in ufw package in Ubuntu: Fix Released Status in ufw source package in Bionic: Fix Committed Status in ufw source package in Cosmic: Fix Committed Status in ufw source package in Disco: Fix Released Bug description: [Impact] ufw's interface name's or both too strict (this bug) and too loose (iptables has its own limits). Adjust the interface name checks to match those of the kernel. [Test Case] $ sudo ufw --dry-run allow in on i-1|grep i-1 ### tuple ### allow any any 0.0.0.0/0 any 0.0.0.0/0 in_i-1 -A ufw-user-input -i i-1 -j ACCEPT ### tuple ### allow any any ::/0 any ::/0 in_i-1 -A ufw6-user-input -i i-1 -j ACCEPT With an unpatched ufw, the above results in: $ sudo ufw --dry-run allow in on i-1|grep i-1 ERROR: Bad interface name [Regression Potential] Risk of regression is considered low since the updated allow more than what is currently allowed, but not more than what iptables allows. See: https://git.launchpad.net/ufw/tree/src/common.py?h=release/0.36#n295 = Original description = Is there a reason to restrict interface's name in ufw? Should ufw accept what iptables accept as iface name? I've a vpn with lot of nodes, its iface name contain a '-' so cannot use ufw on it. I've found the check here and cannot found a reason for it: http://bazaar.launchpad.net/~jdstrand/ufw/trunk/view/head:/src/common.py#L300 thanks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1719211/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
