Gufw

Problem with VPN

Bug #1662412 reported by ALinuxUser
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Gufw
Won't Fix
Undecided
Unassigned
ufw
Invalid
Undecided
Unassigned

Bug Description

My VPN seems to disable the firewall whilst it - the VPN - is connecting; or at least GUFW shows the firewall as disabled. Moreover, the firewall comes back on when the VPN is connected. Good! The problem is as follows.

*GUFW does not show the new - firewall re-enabled - state until GUFW is restarted (ie. until I've quit the program and restarted it).

Linux Mint 18.1 x64 Cinnamon.

costales (costales)
Changed in gui-ufw:
status: New → Invalid
Revision history for this message
ALinuxUser (buntulongername-new) wrote :

Pardon me, but surely it helps no-one, simply to mark this bug report as invalid with no explanation whatsoever.

Revision history for this message
costales (costales) wrote :

Derivated issue to ufw

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

What vpn are you using and where did you get it from?

Changed in ufw:
status: New → Incomplete
Revision history for this message
ALinuxUser (buntulongername-new) wrote :

@Jamie

I've e-mailed you (on your ubuntu.com address).

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

It sounds like the vpn is turning off the firewall and then turning it back on. Can you do these steps in a terminal:

1. sudo ufw status
2. start the vpn
3. while the vpn is connecting, run sudo ufw status
4. when the vpn is done connecting, run sudo ufw status

You'll have to time this right, but if the VPN is turning off ufw, this sounds like a bug in gufw not noticing the changes (which wouldn't be surprising, gufw expects to manage the firewall and the VPN is (perhaps) running commands out from under gufw.

Revision history for this message
ALinuxUser (buntulongername-new) wrote :

Jamie, I think you are onto something.

~ $ sudo ufw status
[sudo] password for [redacted]:
Status: active

To Action From
-- ------ ----
[rules redacted]

~ $ sudo ufw status
ERROR: problem running iptables: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?

~ $ sudo ufw status
ERROR: problem running iptables: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?

~ $ sudo ufw status
Status: active

To Action From
-- ------ ----
[Rules redacted]

~ $

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Since the VPN application is modifying the firewall, I don't see this as a bug in ufw (it does not have a long running process that needs to be alerted to changes). gufw would need support for being alerted to changes to the running firewall. I'm going to reopen the gufw task so the upstream developer can consider this.

Changed in gui-ufw:
status: Invalid → New
Changed in ufw:
status: Incomplete → Invalid
Revision history for this message
costales (costales) wrote :

Hi :) Track ufw status in not in the current scope of Gufw now, I'm sorry.
Best regards.

Changed in gui-ufw:
status: New → Won't Fix
Revision history for this message
ALinuxUser (buntulongername-new) wrote :

So, costales, and others: you are happy enough that gufw misreports the state of the firewall, even though thousands of people rely on your program to, among other things, check the state of the firewall?

Still, unless the problem has further forms (does it?), it will only be people using the VPN client in question who will suffer from the problem - and I myself have dropped the client in favour of OpenVPN.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.