ufw should update logging /etc/ufw/after.rules when set to default allow

Bug #273278 reported by Jamie Strandboge on 2008-09-22
Affects: ufw (Ubuntu)
Assigned to: Jamie Strandboge

Bug Description

Binary package hint: ufw

/etc/ufw/after.rules has:

# catchall for logging
-A ufw-after-input -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK INPUT]: "
-A ufw-after-forward -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK FORWARD]: "

This works fine for a default deny firewall, but is wrong (and confusing) for a default allow firewall. This is a known upstream issue and is listed in the TODO file.
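
A check for the mismatch described above, written as an added example (not part of the original report and not ufw's own code). It scans rules text in the after.rules format for LOG rules whose prefix says BLOCK while the default policy is allow. The function names are hypothetical, the sample is constructed from the two rules quoted in the report, and applying one policy value to both chains is an assumption.

```python
import shlex

# Constructed sample: the two catch-all rules quoted in the report.
SAMPLE_AFTER_RULES = '''\
# catchall for logging
-A ufw-after-input -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK INPUT]: "
-A ufw-after-forward -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK FORWARD]: "
'''


def _arg(tokens, flag):
    """Return the token that follows flag, or None if flag is absent."""
    if flag in tokens:
        i = tokens.index(flag)
        if i + 1 < len(tokens):
            return tokens[i + 1]
    return None


def log_rules(rules_text):
    """Yield (line_no, chain, prefix) for every '-j LOG' rule that sets a prefix."""
    for line_no, line in enumerate(rules_text.splitlines(), start=1):
        line = line.strip()
        if not line.startswith("-A "):
            continue  # comments, table headers, COMMIT, blank lines
        tokens = shlex.split(line)  # keeps the quoted prefix as one token
        if _arg(tokens, "-j") != "LOG":
            continue
        prefix = _arg(tokens, "--log-prefix")
        if prefix is not None:
            yield line_no, _arg(tokens, "-A"), prefix


def misleading_prefixes(rules_text, default_policy):
    """Return LOG rules labelled BLOCK although the default policy is allow.

    default_policy is the value the administrator set ("allow" or "deny").
    With "deny" the catch-all label is accurate, so nothing is reported.
    """
    if default_policy.lower() != "allow":
        return []
    return [r for r in log_rules(rules_text) if "BLOCK" in r[2].upper()]


if __name__ == "__main__":
    for line_no, chain, prefix in misleading_prefixes(SAMPLE_AFTER_RULES, "allow"):
        print(f"line {line_no}: {chain} logs {prefix!r} but default policy is allow")
```

Anyone triaging firewall logs from a pre-0.23 host set to default allow should treat these BLOCK-labelled entries as traffic that reached the catch-all, not as dropped packets.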

Changed in ufw:
assignee: nobody → jdstrand
status: New → Triaged

Jamie Strandboge (jdstrand) wrote:

Fix committed in bzr

Changed in ufw:
status: Triaged → Fix Committed

Launchpad Janitor (janitor) wrote:

This bug was fixed in the package ufw - 0.23

ufw (0.23) intrepid; urgency=low

  * show protocol in status when no ports are specified (LP: #263308)
  * update after*.rules when setting default policy (LP: #273278)
  * give useful message when trying to delete a non-existent rule (LP: #251136)
  * don't print useless newlines
  * add 'translations' support to Makefile (but don't use it in build yet)
  * updated README for advanced usage
  * updated TODO
  * References
    LP: #275984

 -- Jamie Strandboge <email address hidden> Mon, 29 Sep 2008 11:52:53 -0500

Changed in ufw:
status: Fix Committed → Fix Released