← Back to team overview

gufw-developers team mailing list archive

  1. gufw-developers team
  2. Mailing list archive
  3. Message #00648

[Bug 626155] Re: Ufw firewal not activated by default after ubuntu 10.04 installation.

  Thread PreviousDate PreviousThread Next 
This sounds like a gufw specific issue. ufw by default does not have IPv6 support enabled, so what it does instead is that if it is available on the host, it will disallow all incoming and outgoing traffic, except on the loopback. This is not clear with 'ip6tables -L'. Use the following:
$ sudo ip6tables -n -v -L
Chain INPUT (policy DROP 32 packets, 7237 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    2   140 ACCEPT     all      lo     *       ::/0                 ::/0                

Chain FORWARD (policy DROP 47 packets, 4997 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy DROP 466 packets, 77344 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    2   140 ACCEPT     all      *      lo      ::/0                 ::/0

See 'man ufw' for more information on IPv6 support.

** Package changed: ufw (Ubuntu) => gui-ufw (Ubuntu)

** Visibility changed to: Public

** This bug is no longer flagged as a security vulnerability

-- 
Ufw firewal not activated by default after ubuntu 10.04 installation.
https://bugs.launchpad.net/bugs/626155
You received this bug notification because you are a member of Gufw
Developers, which is subscribed to gui-ufw in ubuntu.

Status in “gui-ufw” package in Ubuntu: New

Bug description:
Binary package hint: ufw

Ubuntu release 10.04
Package ufw (default firewall).

Description of the bug:
Ufw firewal not activated by default after ubuntu 10.04 installation.

Here is results of 'iptables -L' command just after installation:
root@jcc-desktop:/home/jcc# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

With such rules any incoming packet is entering in memory with any control.
For 'chain INPUT' and 'chain FORWARD' default policies should be DROP. 

As soon the user activates ufw with gufw, every thing is OK. 
But if this verification is not made, the system is staying without firewall protection.
  Thread PreviousDate PreviousThread Next