ufw logs noisy services
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
ufw | Fix Released | Medium | Jamie Strandboge |
ufw (Ubuntu) | Fix Released | Medium | Jamie Strandboge |
Bug Description
Binary package hint: ufw
Affects Ubuntu server 9.10, and Ubuntu desktop 9.10
Package: ufw 0.29-4ubuntu1
I expected ufw not to log broadcasts and other noisy services, but it does.
Detail:
The after.rules defaults for ufw in karmic include some lines intended to avoid logging for noisy services.
for example:
# don't log noisy services by default
-A ufw-after-input -p udp --dport 137 -j RETURN
See https:/
However, all rules in this chain end in RETURN, so flow of control returns to the INPUT chain, whether or not any rules match.
That chain then continues to the ufw-after-
Suggest replacing these lines with DROP targets instead:
i.e.
# don't log noisy services by default
-A ufw-after-input -p udp --dport 137 -j DROP
which cuts the logging out.
Changed in ufw (Ubuntu):
status: New → Confirmed
Changed in ufw (Ubuntu):
importance: Undecided → Medium
assignee: nobody → Jamie Strandboge (jdstrand)
status: Confirmed → Triaged
Changed in ufw (Ubuntu):
status: Triaged → In Progress
Using '-j DROP' works fine for a default deny firewall, and is a good workaround for people hitting this bug. However, the intention of -j RETURN was to allow for default accept firewalls also. Unfortunately, as this bug clearly points out, it was not implemented properly.
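
The traversal behaviour discussed in this report, as an added example that is not part of the bug report or of ufw: a minimal Python model of how iptables walks chains, run against the RETURN and DROP variants of the udp/137 rule under both default policies. The chain name `example-logging` is a placeholder for the logging chain whose name is cut off in the description, and the helper names and sample packet are assumptions.

```python
# Minimal model of iptables chain traversal (illustrative; not ufw code).
TERMINAL = {"ACCEPT", "DROP"}

def traverse(chains, name, pkt, logged):
    """Walk one chain; return a terminal verdict, or None to resume the caller."""
    for match, target in chains[name]:
        if not match(pkt):
            continue
        if target == "LOG":            # LOG is non-terminating: record and go on
            logged.append(name)
        elif target in TERMINAL:
            return target
        elif target == "RETURN":       # same effect as falling off the chain end
            return None
        else:                          # jump to a user-defined chain
            verdict = traverse(chains, target, pkt, logged)
            if verdict:
                return verdict
    return None

def filter_input(chains, policy, pkt):
    """Return (verdict, chains_that_logged) for a packet entering INPUT."""
    logged = []
    verdict = traverse(chains, "INPUT", pkt, logged) or policy
    return verdict, logged

def ruleset(noisy_target):
    """INPUT calls ufw-after-input, then a logging chain (placeholder name)."""
    anything = lambda pkt: True
    netbios = lambda pkt: pkt["proto"] == "udp" and pkt["dport"] == 137
    return {
        "INPUT": [(anything, "ufw-after-input"), (anything, "example-logging")],
        "ufw-after-input": [(netbios, noisy_target)],
        "example-logging": [(anything, "LOG")],
    }

PKT = {"proto": "udp", "dport": 137}   # constructed sample packet

if __name__ == "__main__":
    for target in ("RETURN", "DROP"):
        for policy in ("DROP", "ACCEPT"):
            print(target, policy, filter_input(ruleset(target), policy, PKT))
```

With `RETURN` the packet reaches the logging chain under either policy; with `DROP` the log entry disappears, but the packet is dropped even when the policy is ACCEPT.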