ufw must be stopped after iface is powered off
Bug #298736 reported by
Aymeric
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ufw (Ubuntu) |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Hardy |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Intrepid |
Fix Released
|
Undecided
|
Jamie Strandboge |
Bug Description
Using Ubuntu Hardy Heron as server and ufw as firewall.
I have found that ufw is started before the iface is configured, so it's ok, when your iface is enable, all your firewall rule is loaded.
*But* ufw is stopped before the iface !
So if you have a service running and locked by a rule in ufw (sample: ssh is allowed only for a range of IP), when you are rebooting your service is not behind a firewall until your iface is disable.
This is very insecure when you have an other services that take long time to stop and it's between the halt of ufw and iface disable.
Changed in ufw: | |
status: | Triaged → Fix Committed |
Changed in ufw: | |
assignee: | nobody → jdstrand |
status: | New → Triaged |
assignee: | nobody → jdstrand |
status: | New → Triaged |
To post a comment you must log in.
Thank you for reporting the bug. It is a known issue that ufw is unloaded on shutdown, and a fix for this is planned.