ufw not logging if it decides to stop all traffic ? Confused

Bug #1914816 reported by William Dietrich
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
ufw (Ubuntu) | Invalid | Undecided | Unassigned |

Bug Description

Sorry, this is going to be a very bad report. Here's what I did:
- installed gufw and enabled it, no rules, just default incoming=deny outgoing=accept
- rebooted
- Ethernet says it connected
- no network access; ping 1.1.1.1 fails
- launch gufw, and it says it's disabled (the whole firewall)
- I think eventually I figured out that iptables had been emptied and INPUT chain set to DROP

After many travails, I captured a piece of dmesg output as the system was booting, and I think it shows ufw trying to check IPv6 status and deciding to stop everything. At least logging (which was set to full in gufw) suddenly stops.

In network manager, I've tried to say "ignore IPv6". I'm not sure if this trouble is related to fiddling with the "only work if IPv4 is enabled" check-box, which seems to have a ToolTip that is exactly backwards. My ISP does not give IPv6 service. I've tried many settings of the IPv6 drop-down in System Settings / Network GUI, setting and clearing the IPv4 and IPv6 required check-boxes, etc.

So, I'm totally confused, but I think the log shows that logging suddenly stops (from full to zero), which must mean ufw detected some condition that made it empty out the iptables and set everything to DROP ? If so, ufw should have logged a message saying it was doing so, and I don't see such a message. So, if I'm right, at least this is a feature request that ufw should log a message when it decides to stop all IPv4 or IPv6 traffic and/or stop logging and/or wipe out all rules.

Sorry about the mess of a report.

I'm using Kubuntu 20.10, gufw 20.10.0-0ubuntu1, ufw 0.36-7

ProblemType: Bug
DistroRelease: Ubuntu 20.10
Package: ufw (not installed)
ProcVersionSignature: Ubuntu 5.8.0-41.46-generic 5.8.18
Uname: Linux 5.8.0-41-generic x86_64
ApportVersion: 2.20.11-0ubuntu50.5
Architecture: amd64
CasperMD5CheckResult: skip
CurrentDesktop: KDE
Date: Fri Feb 5 20:35:18 2021
InstallationDate: Installed on 2021-02-03 (2 days ago)
InstallationMedia: Kubuntu 20.10 "Groovy Gorilla" - Release amd64 (20201022)
SourcePackage: ufw
UpgradeStatus: No upgrade log present (probably fresh install)

William Dietrich (billdietrich444) wrote :
Jamie Strandboge (jdstrand) wrote :

Hi. A few things: ufw is capable of logging (see 'man ufw', the part about 'ufw logging', as well as per-rule logging with 'ufw ... log' or 'ufw ... log-all'). It is also capable of ipv6 (see /etc/default/ufw). Also, gufw is a different project than ufw, but it sounds like the issue you may be seeing is that another firewall is in place.

What is the output of 'sudo /usr/share/ufw/check-requirements'?

Changed in ufw (Ubuntu):
status: New → Incomplete
William Dietrich (billdietrich444) wrote :

Okay, thanks, check-requirements gives:

    WARN: detected other firewall applications:
    firewalld
    (if enabled, these applications may interfere with ufw)

Is there some way this check could be done in more places, and a warning given to the user in each place ? The ufw and gufw GUI applications should do that each time they are launched. It would be great to have this warning in the system log, too. Maybe even the install scripts for ufw and gufw should check too.

Thanks.

Jamie Strandboge (jdstrand) wrote :

The check is not free, but it is an interesting idea to do this. I've created a wishlist bug for it: https://bugs.launchpad.net/ufw/+bug/1917325

Jamie Strandboge (jdstrand) wrote :

Thanks for the additional information! :)

Changed in ufw (Ubuntu):
status: Incomplete → Invalid
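
The check discussed in this thread, sketched as an added example (it is not ufw's check-requirements script and not code from either participant): it classifies `iptables -S` output to tell whether ufw's chains are loaded or only a bare DROP policy is left, flags a competing firewall service, and can send the warning to the system log. The function names, `KNOWN_MANAGERS`, the `ufw-check` log tag and the sample data are assumptions made for this example.

```sh
# Added example: classify `iptables -S` text and flag competing firewall services.
KNOWN_MANAGERS="firewalld.service"   # the service named by check-requirements above

# Reads `iptables -S` output on stdin; prints ufw-loaded, bare-drop or other.
classify_ruleset() {
    awk '
        $1 == "-P" && $2 == "INPUT" { policy = $3 }
        $1 == "-N" && $2 ~ /^ufw-/  { ufw = 1 }
        $1 == "-A" && $2 == "INPUT" { rules = 1 }
        END {
            if (ufw) print "ufw-loaded"
            else if (policy == "DROP" && !rules) print "bare-drop"
            else print "other"
        }'
}

# Reads active unit lines on stdin (unit name in column 1); prints known managers.
competing_managers() {
    awk -v known="$KNOWN_MANAGERS" '
        BEGIN { n = split(known, k, " "); for (i = 1; i <= n; i++) want[k[i]] = 1 }
        ($1 in want) { print $1 }'
}

# $1 = iptables -S text, $2 = unit list. Prints WARN and returns 1 on a conflict.
diagnose() {
    state=$(printf '%s\n' "$1" | classify_ruleset)
    others=$(printf '%s\n' "$2" | competing_managers | paste -s -d ' ' -)
    if [ -n "$others" ]; then
        echo "WARN: other firewall active ($others); ruleset: $state"
        return 1
    fi
    echo "OK: ruleset=$state"
}

# Constructed samples (not captured from the reporter's machine).
SAMPLE_BARE='-P INPUT DROP
-P OUTPUT ACCEPT'
SAMPLE_UFW='-P INPUT DROP
-P OUTPUT ACCEPT
-N ufw-before-input
-A INPUT -j ufw-before-input'
SAMPLE_UNITS='cron.service loaded active running Regular background program processing daemon
firewalld.service loaded active running firewalld - dynamic firewall daemon'

if [ "${1:-}" = "--live" ]; then   # live run needs root for iptables
    msg=$(diagnose "$(iptables -S)" "$(systemctl list-units --type=service --state=active --no-legend --plain)") ||
        logger -t ufw-check -p daemon.warning "$msg"
    echo "$msg"
fi
```

Run with `--live` as root to check the running system; without arguments the script only defines the functions and samples.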