gufw-developers team mailing list archive
-
gufw-developers team
-
Mailing list archive
-
Message #01868
Re: [Bug 1441850] [NEW] Gufw "Advanced" configuration does not really work.
On Wed, Apr 8, 2015 at 10:51 PM, Aaron <lafeyette.management@xxxxxxxxx>
wrote:
> When trying to configure GUFW to block all access to a server EXCEPT
> that originating on our internal network (which is somewhat open to the
> public), GUFW simply throws an error, claiming ERROR: Wrong number of
> arguments.
>
Hi Aaron!
Please, could you send me a screenshot of that? :) Thanks in advance!
--
You received this bug notification because you are a member of Gufw
Developers, which is subscribed to Gufw.
https://bugs.launchpad.net/bugs/1441850
Title:
Gufw "Advanced" configuration does not really work.
Status in Gufw:
New
Bug description:
Regarding GUFW as available for Ubuntu 14.04 and later (14.04.2 LTS)
When trying to configure GUFW to block all access to a server EXCEPT
that originating on our internal network (which is somewhat open to
the public), GUFW simply throws an error, claiming ERROR: Wrong number
of arguments.
Under the ADVANCED tab, I was trying to specify that ssh requests
coming in from our internal class B network, XXX.YYY.0.0/16 should be
allowed in on port 22. To do this, I specified the IP address of the
network in the FROM field, and the PORT in the TO field, leaving the
PORT in the from field unfilled in and the IP address in the TO field
blank.
All I get is an error placed in the log: ERROR: Wrong number of
arguments.
This tells me nothing useful.
However, in the older version of Gufw, version 12.04.1, (as is available with Ubuntu 12.04), this same configuration technique works perfectly.)
So far, the only way around this seems to be to manipulate the
underlying UFW directly, but that is not very easy as the command-line
configuration is, shall we say, rather less than intuitive (as in
"needlessly arcane, finicky, non-standard and complex")
Of course, however, rules applied to UFW directly cannot be modified
or even looked at from Gufw. Worse, if I copy a rule that
approximates what I want, then try to modify it, Gufw deletes the
original rule, claims to have added the new one, but examination of
the log reveals that the modified rule has failed, so it ends up
stripping both the original copied rule and the modified one. I would
have expected to be shown the error and the original rule that I
copied left there, unchanged. Evidently, however, the actual error-
checking only occurs AFTER the rule was copied and modified, rather
than before attempting to modify. Not good.
An inexperienced systems administrator could very well be fooled into
thinking the changed rule worked when, in fact, it did not, so no
error message is displayed. Busy systems admins don't always think to
check the log, especially if the log is known to not provide very much
useful or helpful information. "ERROR: Wrong number of arguments." is
definitely in the category of "not very useful or helpful."
To manage notifications about this bug go to:
https://bugs.launchpad.net/gui-ufw/+bug/1441850/+subscriptions
Follow ups
References