ufw should display all active rules and important info
Bug #251153 reported by
Peter Matulis
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ufw (Ubuntu) |
Fix Released
|
Undecided
|
Jamie Strandboge |
Bug Description
Binary package hint: ufw
The rules that are loaded automatically when ufw is enabled should be displayed when the 'status' command is invoked. If not, this could lead to a lot of confusion on the part of the user.
Practically speaking, and considering just ingress filtering, I believe this impacts ICMP and DHCP traffic (configured in /etc/ufw/
In addition:
a) Since ufw is primarily designed for ingress filtering, somewhere the output to the 'status' command should reinforce this fact.
b) It may be improper to neglect to have the 'status' command display the default allow or deny policy.
Related branches
Changed in ufw: | |
status: | Triaged → Fix Committed |
To post a comment you must log in.
Thank you for using Ubuntu and reporting this bug. The 'status' command is intended to only report the ufw managed rules as well as some other information. Eg:
$ sudo ufw status
Status: loaded
Logging: on
Default: deny
To Action From
22:tcp ALLOW 192.168.2.0/24
This is not intended as a replacement for 'iptables -n -L'. In fact, displaying rules from /etc/ufw/*.rules would likely cause more confusion because the user would not be able to manage rules in these files with the ufw command. I do agree that the documentation should be more clear on this point however, and I will update it accordingly.