gufw-developers team mailing list archive
-
gufw-developers team
-
Mailing list archive
-
Message #01797
[Bug 1401885] Re: Allowing all UDP/TCP traffic in
I'm fine, thanks, how are you?
You're right, but it does not change anything if I set the right subnet;
the problem actually comes from the fact that I've specified vboxnet0
after the ">" sign, instead of specifying "not forward": my mistake.
However, you cannot add a unique rule for both protocols: only one is
allowed ***when the ports are set***:
https://drive.google.com/file/d/0B5fXyIn0-GDFSEVQOG5meDVOTE0/view?usp=sharing
If I remove the ports number, then it's OK to add the rule:
https://drive.google.com/file/d/0B5fXyIn0-GDFZ3JFNWpwbEVuTlE/view?usp=sharing
With that rule added within gufw, the firewall accepts the communications in vboxnet0.
-------------------------------------------------------------------------------------------
The trick was to specify "Not forward" after the ">" sign. No need for ufw rule anymore :)
-------------------------------------------------------------------------------------------
--
You received this bug notification because you are a member of Gufw
Developers, which is subscribed to Gufw.
https://bugs.launchpad.net/bugs/1401885
Title:
Allowing all UDP/TCP traffic in
Status in Gufw:
New
Bug description:
Environment: Ubuntu 14.10 - Gufw 14.10.1
------------------
The configuration is basic:
- Incoming: Deny
- Outgoing: Allow
- Routing: Allow
Now, suppose you need to allow internal communication, for example all
incoming UDP/TCP traffic from a VirtualBox VM on vboxnet0 sitting on a
particular subnet, 192.168.56.0/24 is used here.
Using Gufw to implement this simple setup does NOT work (UDP
communication is still blocked - TCP configuration is not shown):
https://drive.google.com/file/d/0B5fXyIn0-GDFbUpMaW0zVTlqYUE/view?usp=sharing
However, using ufw allows us to attain our goal:
ufw status
Status: active
To Action From
-- ------ ----
192.168.56.1 1:65535/tcp ALLOW 192.168.56.0/24
192.168.56.1 1:65535/udp ALLOW 192.168.56.0/24
This simple configuration allows all UDP/TCP communication in from
192.168.56.0/24 towards the host servers.
The problem is: it is not possible to use Gufw to make that setup, and
once it is done through ufw CLI, it is not possible to display or edit
it within Gufw.
As a summary:
--------------------
- allowing all TCP/UDP communication IN is not possible with Gufw (have I missed something?)
- displaying/editing some ufw rules is not possible within gufw (have I missed something?)
To manage notifications about this bug go to:
https://bugs.launchpad.net/gui-ufw/+bug/1401885/+subscriptions
References