Comment 9 for bug 194844
Revision history for this message
| Sam Johnston (samj) wrote Re: [Hardy] ufw doesn't start in a networked environment | #9 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
This appears to be a problem with IPv6 support being required by ufw even when the user doesn't request it.
Although IPv6 is enabled by default in hardy, VPS providers do not appear to support it (like vpslink.com, per below - IP addresses changed to protect the innocent).
# ufw --version
ufw 0.16.2
Copyright (C) 2008 Canonical Ltd.
# ufw status
Firewall not loaded
# ufw enable
ERROR: problem running init script
# /etc/init.d/ufw force-reload
* Stopping firewall: ufw...
FATAL: Could not load /lib/modules/
ip6tables v1.3.8: can't initialize ip6tables table `filter': iptables who? (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
FATAL: Could not load /lib/modules/
ip6tables v1.3.8: can't initialize ip6tables table `filter': iptables who? (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
FATAL: Could not load /lib/modules/
ip6tables v1.3.8: can't initialize ip6tables table `filter': iptables who? (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
FATAL: Could not load /lib/modules/
ip6tables v1.3.8: can't initialize ip6tables table `filter': iptables who? (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
FATAL: Could not load /lib/modules/
ip6tables v1.3.8: can't initialize ip6tables table `filter': iptables who? (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
...fail!
# iptables -L -n
Chain INPUT (policy DROP)
target prot opt source destination
ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
ufw-before-forward all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-forward all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ufw-before-output all -- 0.0.0.0/0 0.0.0.0/0
ufw-after-output all -- 0.0.0.0/0 0.0.0.0/0
Chain ufw-after-forward (1 references)
target prot opt source destination
LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK FORWARD]: '
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain ufw-after-input (1 references)
target prot opt source destination
RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:137
RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:138
RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:139
RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68
LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK INPUT]: '
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain ufw-after-output (1 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain ufw-before-forward (1 references)
target prot opt source destination
ufw-user-forward all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain ufw-before-input (1 references)
target prot opt source destination
ufw-user-input all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain ufw-before-output (1 references)
target prot opt source destination
ufw-user-output all -- 0.0.0.0/0 0.0.0.0/0
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain ufw-not-local (0 references)
target prot opt source destination
Chain ufw-user-forward (1 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain ufw-user-input (1 references)
target prot opt source destination
ACCEPT all -- 1.2.3.4 0.0.0.0/0
ACCEPT all -- 1.2.3.5 0.0.0.0/0
ACCEPT all -- 1.2.3.6 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain ufw-user-output (1 references)
target prot opt source destination
RETURN all -- 0.0.0.0/0 0.0.0.0/0