gufw-developers team mailing list archive

[Bug 566764] Re: Enabling firewall with the default rules breaks mintUpdate

 

While trying a few things out, I noticed that I cannot ssh anywhere
after enabling the firewall (using either gufw or "ufw enable" from the
cmdline). The outgoing ssh connection just sits there forever; according
to ssh in verbose mode, it is stuck in the connecting stage. There are
no log messages of any packet blocks on port 22. If I disable the
firewall, I can ssh anywhere again. I am not sure what is going on yet,
but I am looking into it. Will be going offline in the next hour or so.

-- 
Enabling firewall with the default rules breaks mintUpdate
https://bugs.launchpad.net/bugs/566764
You received this bug notification because you are a member of Gufw
Developers, which is the registrant for Gufw.

Status in Gufw: New
Status in The Linux Mint Distribution: Triaged
Status in ufw - Uncomplicated Firewall: New
Status in “gui-ufw” package in Ubuntu: Invalid

Bug description:
In Mint 8 Helena, enabling the firewall by clicking the Enabled button in the Firewall dialog creates a very odd set of default rules that over-cautiously blocks input packets with no allowance being made for RELATED,EXISTING connections. This is undesirable and has several consequences - for example, it completely breaks mintUpdate which can no longer receive data from Canonical's servers on port 80:

[UFW BLOCK] IN=eth0 OUT= MAC=00:29:aa:6b:13:ca:00:21:1b:52:ef:b0:a7:00 SRC=91.189.88.46 DST=192.168.50.8 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=55764 PROTO=TCP SPT=80 DPT=32948 WINDOW=1024 RES=0x00 RST URGP=0
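
A triage aid for log entries like the one above, added here as an example that is not part of the original message or of ufw/gufw: it parses `[UFW BLOCK]` lines and picks out blocked inbound TCP packets that look like return traffic for a connection the host itself opened. The heuristic (service source port below 1024, destination port at or above 32768, not a bare SYN) and all function names are assumptions of this example.

```python
# Constructed sample: line 1 is the entry quoted in the bug report; line 2 is a
# constructed unsolicited inbound SYN (documentation address) for contrast.
SAMPLE_LOG = """\
[UFW BLOCK] IN=eth0 OUT= MAC=00:29:aa:6b:13:ca:00:21:1b:52:ef:b0:a7:00 SRC=91.189.88.46 DST=192.168.50.8 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=55764 PROTO=TCP SPT=80 DPT=32948 WINDOW=1024 RES=0x00 RST URGP=0
[UFW BLOCK] IN=eth0 OUT= MAC=00:29:aa:6b:13:ca:00:21:1b:52:ef:b0:a7:00 SRC=198.51.100.7 DST=192.168.50.8 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4242 PROTO=TCP SPT=51515 DPT=23 WINDOW=29200 RES=0x00 SYN URGP=0
"""

# Assumption: Linux default lower bound of net.ipv4.ip_local_port_range.
EPHEMERAL_MIN = 32768


def parse_ufw_line(line):
    """Return the fields of a '[UFW BLOCK]' line, or None for other lines."""
    _, marker, rest = line.partition("[UFW BLOCK]")
    if not marker:
        return None
    fields, flags = {}, set()
    for token in rest.split():
        key, eq, value = token.partition("=")
        if eq:
            fields[key] = value      # KEY=VALUE pairs; "OUT=" yields ""
        else:
            flags.add(token)         # bare tokens such as SYN, ACK, RST, DF
    fields["FLAGS"] = flags
    return fields


def looks_like_reply(entry):
    """Heuristic: inbound TCP from a service port to an ephemeral local port."""
    if entry.get("PROTO") != "TCP" or not entry.get("IN") or entry.get("OUT"):
        return False
    new_connection = "SYN" in entry["FLAGS"] and "ACK" not in entry["FLAGS"]
    return (not new_connection
            and int(entry.get("SPT", 0)) < 1024
            and int(entry.get("DPT", 0)) >= EPHEMERAL_MIN)


def blocked_replies(log_text):
    """List (src, sport, dport) for blocked packets that look like replies."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_ufw_line(line)
        if entry and looks_like_reply(entry):
            hits.append((entry["SRC"], int(entry["SPT"]), int(entry["DPT"])))
    return hits


if __name__ == "__main__":
    for src, sport, dport in blocked_replies(SAMPLE_LOG):
        print(f"reply dropped: {src}:{sport} -> local port {dport}")
```

Entries this flags point at the input rules rather than at the remote host; the unsolicited SYN to port 23 in the sample is left alone because blocking it is the intended behaviour.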