portsentry blocks local systemd-resolved.service on 127.0.0.53:53
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
portsentry (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
After enabling portsentry it starts after some (2) days to block systemd-resolved service on my computer.
attackalert: UDP scan from host: 127.0.0.
attackalert: Host 127.0.0.53 has been blocked via wrappers with string: "ALL: 127.0.0.53 : DENY"
attackalert: Host 127.0.0.53 has been blocked via dropped route using command: "/sbin/route add -host 127.0.0.53 reject
I put the IP 127.0.0.53 to the list of ignored IP addresses but would expect that it ignores it by default.
But maybe this "attack" should not happen at all and something is wrong on my system or with systemd-resolved.
Is it secure to ignore?
Is this a normal behaviour of systemd-resolved?
Any help would be appreciated.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: portsentry 1.2-14build1
ProcVersionSign
Uname: Linux 5.0.0-36-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.9-0ubuntu7.9
Architecture: amd64
Date: Fri Nov 29 13:03:36 2019
InstallationDate: Installed on 2018-12-31 (332 days ago)
InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 (20180725)
ProcEnviron:
TERM=screen-
PATH=(custom, no user)
XDG_RUNTIME_
LANG=de_DE.UTF-8
SHELL=/bin/bash
SourcePackage: portsentry
UpgradeStatus: No upgrade log present (probably fresh install)
mtime.conffile.
mtime.conffile.