ufw should update logging /etc/ufw/after.rules when set to default allow

Bug #273278 reported by Jamie Strandboge
Affects: ufw (Ubuntu)
Status: Fix Released
Importance: Undecided
Assigned to: Jamie Strandboge
Milestone: -

Bug Description

Binary package hint: ufw

/etc/ufw/after.rules has:

# catchall for logging
-A ufw-after-input -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK INPUT]: "
-A ufw-after-forward -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK FORWARD]: "

This works fine for a default deny firewall, but is wrong (and confusing) for a default allow firewall. This is a known upstream issue and is listed in the TODO file.
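
A check for the mismatch described above, as an added example that is not part of the original report and is not ufw's own code. The function names are hypothetical, the sample inputs are constructed, and it assumes the default policy is read from DEFAULT_INPUT_POLICY / DEFAULT_FORWARD_POLICY in /etc/default/ufw.

```python
import re
import shlex

# Constructed sample: the catch-all LOG rules quoted in the bug description.
AFTER_RULES = '''\
# catchall for logging
-A ufw-after-input -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK INPUT]: "
-A ufw-after-forward -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK FORWARD]: "
'''
# Constructed sample of /etc/default/ufw with a default-allow input policy
# (the variable names are an assumption about the installed ufw).
DEFAULTS = 'DEFAULT_INPUT_POLICY="ACCEPT"\nDEFAULT_FORWARD_POLICY="DROP"\n'

def default_policies(defaults_text):
    """Map direction ('INPUT', 'FORWARD') to its policy from /etc/default/ufw text."""
    pat = re.compile(r'^\s*DEFAULT_(INPUT|FORWARD)_POLICY\s*=\s*"?(\w+)"?', re.M)
    return {d: p.upper() for d, p in pat.findall(defaults_text)}

def log_rules(rules_text):
    """Yield (lineno, direction, prefix) for each ufw-after-* LOG rule."""
    for lineno, line in enumerate(rules_text.splitlines(), 1):
        if not line.lstrip().startswith("-A "):
            continue  # comments, chain declarations, COMMIT
        try:
            tok = shlex.split(line)
        except ValueError:
            continue  # unbalanced quote: skip the malformed line
        m = re.fullmatch(r"ufw-after-(input|forward)", tok[1]) if len(tok) > 1 else None
        if not m or "LOG" not in tok or "--log-prefix" not in tok[:-1]:
            continue
        yield lineno, m.group(1).upper(), tok[tok.index("--log-prefix") + 1]

def misleading_block_prefixes(rules_text, defaults_text):
    """Return LOG rules that say BLOCK although the chain's default policy accepts."""
    policy = default_policies(defaults_text)
    return [(n, d, p) for n, d, p in log_rules(rules_text)
            if policy.get(d) == "ACCEPT" and "BLOCK" in p]

if __name__ == "__main__":
    for n, d, p in misleading_block_prefixes(AFTER_RULES, DEFAULTS):
        print(f"after.rules:{n}: {d} policy is ACCEPT but log prefix is {p!r}")
```

On a real host, pass the contents of /etc/ufw/after.rules and /etc/default/ufw instead of the two sample strings.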

Changed in ufw:
assignee: nobody → jdstrand
status: New → Triaged
Jamie Strandboge (jdstrand) wrote :

Fix committed in bzr

Changed in ufw:
status: Triaged → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ufw - 0.23

---------------
ufw (0.23) intrepid; urgency=low

  * show protocol in status when no ports are specified (LP: #263308)
  * update after*.rules when setting default policy (LP: #273278)
  * give useful message when trying to delete a non-existent rule (LP: #251136)
  * don't print useless newlines
  * add 'translations' support to Makefile (but don't use it in build yet)
  * updated README for advanced usage
  * updated TODO
  * References
    LP: #275984

 -- Jamie Strandboge <email address hidden> Mon, 29 Sep 2008 11:52:53 -0500

Changed in ufw:
status: Fix Committed → Fix Released