ufw logging off doesn't disable LIMIT logs

Bug #512131 reported by Loïc Minier on 2010-01-25
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ufw
Medium
Jamie Strandboge
ufw (Ubuntu)
Medium
Jamie Strandboge

Bug Description

Binary package hint: ufw

Hi

After setting logging to off in the config and after ufw logging enable && ufw logging disable, I still get some logs from "UFW LIMIT BLOCK".

Is there a way to avoid these?

Thanks,

ProblemType: Bug
Architecture: amd64
Date: Mon Jan 25 01:21:41 2010
DistroRelease: Ubuntu 9.10
Package: ufw 0.29-4ubuntu1
PackageArchitecture: all
ProcEnviron:
 LANG=en_US.UTF-8
 SHELL=/bin/zsh
ProcVersionSignature: Ubuntu 2.6.31-17.54-server
SourcePackage: ufw
Uname: Linux 2.6.31-17-server x86_64

Loïc Minier (lool) wrote :
Jamie Strandboge (jdstrand) wrote :

I see the issue. For now you can workaround this by adjusting /lib/ufw/user*.rules and remove these lines:
### RATE LIMITING ###
-A ufw-user-limit -m limit --limit 3/minute -j LOG --log-prefix "[UFW LIMIT BLOCK] "
-A ufw-user-limit -j REJECT
-A ufw-user-limit-accept -j ACCEPT
### END RATE LIMITING ###

Then perform:
$ sudo ufw relead

Verify with:
$ sudo ufw show raw|grep 'LIMIT BLOCK'

Changed in ufw (Ubuntu):
assignee: nobody → Jamie Strandboge (jdstrand)
importance: Undecided → Medium
milestone: none → ubuntu-10.04
status: New → Triaged
Jamie Strandboge (jdstrand) wrote :

Err... that should be 'sudo ufw reload'

Changed in ufw (Ubuntu):
status: Triaged → In Progress
Loïc Minier (lool) wrote :

I had nothing similar in /lib/ufw/user6.rules and in /lib/ufw/user.rules I had:
### END RULES ###
-A ufw-user-limit -m limit --limit 3/minute -j LOG --log-prefix "[UFW LIMIT BLOCK] "
-A ufw-user-limit -j REJECT
-A ufw-user-limit-accept -j ACCEPT
COMMIT

I just dropped the -j LOG one, ran ufw reload, and ufw show raw | grep 'LIMIT BLOCK' doesn't return anything anymore.

(This is on karmic.)

Jamie Strandboge (jdstrand) wrote :

Fix committed in trunk. This will be released in 0.30. I'll probably SRU it as well.

Changed in ufw (Ubuntu):
status: In Progress → Fix Committed
Loïc Minier (lool) wrote :

Thanks!

Jamie Strandboge (jdstrand) wrote :

Yeah, I meant just the LOG one. I've got some other logging fixes for SRU and will group this in there.

Jamie Strandboge (jdstrand) wrote :

Fixed in 0.29.2

Changed in ufw:
assignee: nobody → Jamie Strandboge (jdstrand)
importance: Undecided → Medium
status: New → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ufw - 0.29.3-0ubuntu1

---------------
ufw (0.29.3-0ubuntu1) lucid; urgency=low

  * New upstream release. Fixes:
    LP: #490366
    LP: #512131
    LP: #488032
    LP: #513387
  * debian/ufw.upstart.ubuntu: start before an interface receives traffic
  * debian/postinst: don't sed or chmod a file that doesn't exist
    (LP: #503039)
  * debian/after*.rules.md5sum: updated for ucf (added additional sums for
    people using the workaround in LP: #488032)
 -- Jamie Strandboge <email address hidden> Sat, 30 Jan 2010 09:42:05 -0600

Changed in ufw (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers