[Bug 566764] Re: Enabling firewall with the default rules breaks mintUpdate

Thu, 22 Apr 2010 06:11:39 -0700 

Guys, thanks for the followups. I'm not sure why you are not able to
reproduce what I reported. Perhaps there is a misunderstanding between
us. I have some more detail to help explain what I am seeing.

Here are the firewall rules immediately after a fresh installation, i.e.
before enabling the firewall:

$ iptables -L INPUT -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

$  iptables -L OUTPUT -n
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

$  iptables -L FORWARD -n
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

And here are the firewall rules immediately after enabling the firewall
by clicking Enable in gufw's main window:

$  iptables -L INPUT -n
Chain INPUT (policy DROP)
target     prot opt source               destination         
ufw-before-logging-input  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-before-input  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-after-input  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-after-logging-input  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-reject-input  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-track-input  all  --  0.0.0.0/0            0.0.0.0/0      

$  iptables -L OUTPUT -n
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ufw-before-logging-output  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-before-output  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-after-output  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-after-logging-output  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-reject-output  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-track-output  all  --  0.0.0.0/0            0.0.0.0/0           

 iptables -L FORWARD -n
Chain FORWARD (policy DROP)
target     prot opt source               destination         
ufw-before-logging-forward  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-before-forward  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-after-forward  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-after-logging-forward  all  --  0.0.0.0/0            0.0.0.0/0           
ufw-reject-forward  all  --  0.0.0.0/0            0.0.0.0/0           


Immediately after the new firewall creation:

[UFW BLOCK] IN=eth0 OUT= MAC= SRC=192.168.50.8 DST=192.168.50.255 LEN=267 
TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=247 
[UFW BLOCK] IN=eth0 OUT= MAC= SRC=192.168.50.8 DST=192.168.50.255 LEN=241 
TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=138 DPT=138 LEN=221 


Run mintUpdate:

[UFW BLOCK] IN=eth0 OUT= MAC=00:29:aa:6b:13:ca:00:21:1b:52:ef:b0:a7:00
SRC=91.189.88.46 DST=192.168.50.8 LEN=40 TOS=0x00 PREC=0x00 TTL=64
ID=55764 PROTO=TCP SPT=80 DPT=32948 WINDOW=1024 RES=0x00 RST URGP=0

and lots of similar ones for other Canonical servers.

-- 
Enabling firewall with the default rules breaks mintUpdate
https://bugs.launchpad.net/bugs/566764
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to