For user's of earlier versions of ufw, you can work around this by adjusting these lines in /etc/ufw/before.rules: -A ufw-before-input -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A ufw-before-input -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW BLOCK INVALID]: " -A ufw-before-input -m conntrack --ctstate INVALID -j DROP
to be: -A ufw-before-input -m state --state RELATED,ESTABLISHED -j ACCEPT -A ufw-before-input -m state --state INVALID -j LOG --log-prefix "[UFW BLOCK INVALID]: " -A ufw-before-input -m state --state INVALID -j DROP Of course, your kernel must be configured for stateful filtering for this to work. -- ufw fails when connection tracking is not available https://bugs.launchpad.net/bugs/289906 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
