Ubuntu
ufw package

GUFW blocks all incoming VNC connections even if rules allow

Bug #1443203 reported by D. Charles Pyle
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ufw (Ubuntu)
Expired
Undecided
Unassigned

Bug Description

I am having a problem with GUFW. I have it set to block incoming connections from everything. I then set rules to allow incoming connections from a VNC client on my local network to a VMWare Player VNC setup but no matter what I do with those rules, I cannot connect to the VNC server on my machine unless I change the setting for my profile to Allow for everything. Making and applying rules has no effect if the "Incoming" setting at the top of the application is set to Deny or Reject.

The only other option is to turn off the firewall entirely for a moment for the VNC client to connect, and then turn it back on again once a connection is established. Allowing all incoming connections for even a few moments just to use VNC on one port is a security risk.

Revision history for this message
costales (costales) wrote : Re: [Bug 1443203] [NEW] GUFW blocks all incoming VNC connections even if rules allow

Hi Charles!
Could you tell me the IPs and ports?

And a screenshots or ufw dump of what did you try?
Best regards!

Revision history for this message
D. Charles Pyle (dcharlespyle) wrote :

They are a range of private IPs (192.168.0.1-192.168.0.100) and the port is 5950. The VNC server is VMWare Player, running Windows XP Professional for a few apps that absolutely will not run on Linux or in WINE. I used the advanced settings to do it. I also tried the preconfigured and simple rules, too. Nothing worked to allow access unless I set the setting at the top to allow incoming traffic or completely turn off the firewall. Once the connection is established, I can turn it back on or reset the control to deny or reject and will still be able to use VNC.

Revision history for this message
D. Charles Pyle (dcharlespyle) wrote :

I do not know how to do a ufw dump. Please advise.

costales (costales)
affects: gui-ufw → ufw (Ubuntu)
Marc Deslauriers (mdeslaur)
information type: Private Security → Public
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Can you provide the kernel output right after trying to access the machine? Eg, on the system with ufw, do:

$ grep -i ufw /var/log/kern.log

or if you have redirected ufw output to go to another log file, attach that logfile (eg, /var/log/ufw.log).

Changed in ufw (Ubuntu):
status: New → Incomplete
Revision history for this message
D. Charles Pyle (dcharlespyle) wrote :

Unfortunately, I have ceased using Windows XP, and the computer from which I used VNC connections also has ceased to function. I am now using a DisplayLink device to give me a third screen rather than using VNC to access a virtual machine from another machine to do it.

Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for ufw (Ubuntu) because there has been no activity for 60 days.]

Changed in ufw (Ubuntu):
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.