interface related rules appear active after deletion
Bug #1698751 reported by
Tal Ziv
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ufw (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Hi,
In ufw 0.35 in Ubuntu 16.04.2 LTS , when deleting the following format rule:
ufw allow in on eth0 to any port 8080 proto tcp
the rule is actually deleted and the port is blocked, But when issuing 'ufw show added'
the rule is still there.
To post a comment you must log in.
Thank you for using ufw and reporting a bug. I cannot reproduce this:
$ sudo ufw allow OpenSSH
$ sudo ufw enable
$ sudo ufw show added
Added user rules (see 'ufw status' for running firewall):
ufw allow OpenSSH
$ sudo ufw allow in on eth0 to any port 8080 proto tcp
Rule added
Rule added (v6)
$ sudo ufw show added
Added user rules (see 'ufw status' for running firewall):
ufw allow OpenSSH
ufw allow in on eth0 to any port 8080 proto tcp
$ sudo ufw delete allow in on eth0 to any port 8080 proto tcp
Rule deleted
Rule deleted (v6)
$ sudo ufw show added
Added user rules (see 'ufw status' for running firewall):
ufw allow OpenSSH
The rule you added (as you can see from the above) is generic enough to be applied to *both* IPv4 and IPv6. Did you delete the rule in the manner I did above, or did you use 'ufw delete NUMBER'. When using 'delete NUMBER' ufw will only delete the rule specified and will not assume you want other numbered rules to be deleted also. Eg:
$ sudo ufw allow in on eth0 to any port 8080 proto tcp
Rule added
Rule added (v6)
$ sudo ufw show added
Added user rules (see 'ufw status' for running firewall):
ufw allow OpenSSH
ufw allow in on eth0 to any port 8080 proto tcp
$ sudo ufw status numbered
Status: active
To Action From
-- ------ ----
[ 1] OpenSSH ALLOW IN Anywhere
[ 2] 8080/tcp on eth0 ALLOW IN Anywhere
[ 3] OpenSSH (v6) ALLOW IN Anywhere (v6)
[ 4] 8080/tcp (v6) on eth0 ALLOW IN Anywhere (v6)
$ sudo ufw delete 2
Deleting:
allow in on eth0 to any port 8080 proto tcp
Proceed with operation (y|n)? y
Rule deleted
$ sudo ufw status numbered
Status: active
To Action From
-- ------ ----
[ 1] OpenSSH ALLOW IN Anywhere
[ 2] OpenSSH (v6) ALLOW IN Anywhere (v6)
[ 3] 8080/tcp (v6) on eth0 ALLOW IN Anywhere (v6)
$ sudo ufw show added
Added user rules (see 'ufw status' for running firewall):
ufw allow OpenSSH
ufw allow in on eth0 to any port 8080 proto tcp
The above is expected and intended behavior.