touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #75697
[Bug 1434525] Re: Router solicitation blocked, makes network-manager complain
** Changed in: ufw (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1434525
Title:
Router solicitation blocked, makes network-manager complain
Status in ufw package in Ubuntu:
Confirmed
Bug description:
In Vivid, my syslog is full of complains by network-manager about
blocked Router solicitation.
In my log, I get things like this:
...
Mar 20 12:47:04 franck-ThinkPad-T430s NetworkManager[1134]: <error> [1426852024.960398] [rdisc/nm-lndp-rdisc.c:241] send_rs(): (wlan0): cannot send router solicitation: -1.
Mar 20 12:47:04 franck-ThinkPad-T430s kernel: [ 8209.218586] [UFW BLOCK] IN= OUT=wlan0 SRC=fe80:0000:0000:0000:2677:03ff:fe8a:47a0 DST=ff02:0000:0000:0000:0000:0000:0000:0002 LEN=48 TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=ICMPv6 TYPE=133 CODE=0
Mar 20 12:47:05 franck-ThinkPad-T430s NetworkManager[1134]: <error> [1426852025.959574] [rdisc/nm-lndp-rdisc.c:241] send_rs(): (eth0): cannot send router solicitation: -1.
Mar 20 12:47:08 franck-ThinkPad-T430s NetworkManager[1134]: <error> [1426852028.958727] [rdisc/nm-lndp-rdisc.c:241] send_rs(): (wlan0): cannot send router solicitation: -1.
Mar 20 12:47:09 franck-ThinkPad-T430s NetworkManager[1134]: <error> [1426852029.958873] [rdisc/nm-lndp-rdisc.c:241] send_rs(): (eth0): cannot send router solicitation: -1.
Mar 20 12:47:12 franck-ThinkPad-T430s NetworkManager[1134]: <error> [1426852032.961342] [rdisc/nm-lndp-rdisc.c:241] send_rs(): (wlan0): cannot send router solicitation: -1.
Mar 20 12:47:13 franck-ThinkPad-T430s NetworkManager[1134]: <error> [1426852033.959493] [rdisc/nm-lndp-rdisc.c:241] send_rs(): (eth0): cannot send router solicitation: -1.
Mar 20 12:47:16 franck-ThinkPad-T430s NetworkManager[1134]: <error> [1426852036.960008] [rdisc/nm-lndp-rdisc.c:241] send_rs(): (wlan0): cannot send router solicitation: -1.
Mar 20 12:47:17 franck-ThinkPad-T430s NetworkManager[1134]: <error> [1426852037.959215] [rdisc/nm-lndp-rdisc.c:241] send_rs(): (eth0): cannot send router solicitation: -1.
Mar 20 12:47:20 franck-ThinkPad-T430s NetworkManager[1134]: <error> [1426852040.961811] [rdisc/nm-lndp-rdisc.c:241] send_rs(): (wlan0): cannot send router solicitation: -1.
Mar 20 12:47:21 franck-ThinkPad-T430s NetworkManager[1134]: <error> [1426852041.958641] [rdisc/nm-lndp-rdisc.c:241] send_rs(): (eth0): cannot send router solicitation: -1.
Mar 20 12:47:24 franck-ThinkPad-T430s NetworkManager[1134]: <error> [1426852044.960743] [rdisc/nm-lndp-rdisc.c:241] send_rs(): (wlan0): cannot send router solicitation: -1.
Mar 20 12:47:24 franck-ThinkPad-T430s kernel: [ 8229.224325] [UFW BLOCK] IN= OUT=wlan0 SRC=fe80:0000:0000:0000:2677:03ff:fe8a:47a0 DST=ff02:0000:0000:0000:0000:0000:0000:0002 LEN=48 TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=ICMPv6 TYPE=133 CODE=0
Mar 20 12:47:25 franck-ThinkPad-T430s NetworkManager[1134]: <error> [1426852045.958895] [rdisc/nm-lndp-rdisc.c:241] send_rs(): (eth0): cannot send router solicitation: -1.
Mar 20 12:47:28 franck-ThinkPad-T430s NetworkManager[1134]: <error> [1426852048.960527] [rdisc/nm-lndp-rdisc.c:241] send_rs(): (wlan0): cannot send router solicitation: -1.
...
and so on.
I have read through http://www.ietf.org/rfc/rfc4890.txt but this is a
bit tougth, and I like ufw doing the job for me :-).
Here is the output of ip6tables --list :
Chain INPUT (policy DROP)
target prot opt source destination
ufw6-before-logging-input all anywhere anywhere
ufw6-before-input all anywhere anywhere
ufw6-after-input all anywhere anywhere
ufw6-after-logging-input all anywhere anywhere
ufw6-reject-input all anywhere anywhere
ufw6-track-input all anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ufw6-before-logging-forward all anywhere anywhere
ufw6-before-forward all anywhere anywhere
ufw6-after-forward all anywhere anywhere
ufw6-after-logging-forward all anywhere anywhere
ufw6-reject-forward all anywhere anywhere
ufw6-track-forward all anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ufw6-before-logging-output all anywhere anywhere
ufw6-before-output all anywhere anywhere
ufw6-after-output all anywhere anywhere
ufw6-after-logging-output all anywhere anywhere
ufw6-reject-output all anywhere anywhere
ufw6-track-output all anywhere anywhere
Chain ufw6-after-forward (1 references)
target prot opt source destination
Chain ufw6-after-input (1 references)
target prot opt source destination
ufw6-skip-to-policy-input udp anywhere anywhere udp dpt:netbios-ns
ufw6-skip-to-policy-input udp anywhere anywhere udp dpt:netbios-dgm
ufw6-skip-to-policy-input tcp anywhere anywhere tcp dpt:netbios-ssn
ufw6-skip-to-policy-input tcp anywhere anywhere tcp dpt:microsoft-ds
ufw6-skip-to-policy-input udp anywhere anywhere udp dpt:dhcpv6-client
ufw6-skip-to-policy-input udp anywhere anywhere udp dpt:dhcpv6-server
Chain ufw6-after-logging-forward (1 references)
target prot opt source destination
LOG all anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
Chain ufw6-after-logging-input (1 references)
target prot opt source destination
LOG all anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
Chain ufw6-after-logging-output (1 references)
target prot opt source destination
LOG all anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
Chain ufw6-after-output (1 references)
target prot opt source destination
Chain ufw6-before-forward (1 references)
target prot opt source destination
DROP all anywhere anywhere rt type:0 segsleft:0
ACCEPT all anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp destination-unreachable
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp packet-too-big
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp time-exceeded
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp parameter-problem
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp echo-request
ufw6-user-forward all anywhere anywhere
Chain ufw6-before-input (1 references)
target prot opt source destination
ACCEPT all anywhere anywhere
DROP all anywhere anywhere rt type:0 segsleft:0
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp neighbour-solicitation HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp neighbour-advertisement HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp router-solicitation HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp router-advertisement HL match HL == 255
ACCEPT all anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmp echo-reply
ufw6-logging-deny all anywhere anywhere ctstate INVALID
DROP all anywhere anywhere ctstate INVALID
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp destination-unreachable
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp packet-too-big
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp time-exceeded
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp parameter-problem
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp echo-request
ACCEPT udp fe80::/10 fe80::/10 udp spt:dhcpv6-server dpt:dhcpv6-client
ACCEPT udp anywhere ff02::fb udp dpt:mdns
ACCEPT udp anywhere ff02::f udp dpt:1900
ufw6-user-input all anywhere anywhere
Chain ufw6-before-logging-forward (1 references)
target prot opt source destination
Chain ufw6-before-logging-input (1 references)
target prot opt source destination
Chain ufw6-before-logging-output (1 references)
target prot opt source destination
Chain ufw6-before-output (1 references)
target prot opt source destination
ACCEPT all anywhere anywhere
DROP all anywhere anywhere rt type:0 segsleft:0
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp neighbour-solicitation HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp neighbour-advertisement HL match HL == 255
ACCEPT all anywhere anywhere ctstate RELATED,ESTABLISHED
ufw6-user-output all anywhere anywhere
Chain ufw6-logging-allow (0 references)
target prot opt source destination
LOG all anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] "
Chain ufw6-logging-deny (1 references)
target prot opt source destination
RETURN all anywhere anywhere ctstate INVALID limit: avg 3/min burst 10
LOG all anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
Chain ufw6-reject-forward (1 references)
target prot opt source destination
Chain ufw6-reject-input (1 references)
target prot opt source destination
Chain ufw6-reject-output (1 references)
target prot opt source destination
Chain ufw6-skip-to-policy-forward (0 references)
target prot opt source destination
DROP all anywhere anywhere
Chain ufw6-skip-to-policy-input (6 references)
target prot opt source destination
DROP all anywhere anywhere
Chain ufw6-skip-to-policy-output (0 references)
target prot opt source destination
DROP all anywhere anywhere
Chain ufw6-track-forward (1 references)
target prot opt source destination
Chain ufw6-track-input (1 references)
target prot opt source destination
Chain ufw6-track-output (1 references)
target prot opt source destination
Chain ufw6-user-forward (1 references)
target prot opt source destination
Chain ufw6-user-input (1 references)
target prot opt source destination
ACCEPT udp anywhere anywhere multiport dports 6881:6882
ACCEPT tcp anywhere anywhere multiport dports 6881:6882
Chain ufw6-user-limit (0 references)
target prot opt source destination
LOG all anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix "[UFW LIMIT BLOCK] "
REJECT all anywhere anywhere reject-with icmp6-port-unreachable
Chain ufw6-user-limit-accept (0 references)
target prot opt source destination
ACCEPT all anywhere anywhere
Chain ufw6-user-logging-forward (0 references)
target prot opt source destination
Chain ufw6-user-logging-input (0 references)
target prot opt source destination
Chain ufw6-user-logging-output (0 references)
target prot opt source destination
Chain ufw6-user-output (1 references)
target prot opt source destination
ACCEPT tcp anywhere anywhere tcp dpt:ipp
ACCEPT udp anywhere anywhere udp dpt:ipp
ACCEPT tcp anywhere anywhere tcp dpt:domain
ACCEPT udp anywhere anywhere udp dpt:domain
ACCEPT udp anywhere anywhere udp dpt:bootps
ACCEPT tcp anywhere anywhere tcp dpt:https
ACCEPT tcp anywhere anywhere tcp dpt:http
ACCEPT tcp anywhere anywhere tcp dpt:imap2
ACCEPT tcp anywhere anywhere tcp dpt:ssh
ACCEPT tcp anywhere anywhere tcp dpt:postgresql
ACCEPT tcp anywhere anywhere tcp dpt:http-alt
ACCEPT udp anywhere anywhere multiport dports netbios-ns,netbios-dgm
ACCEPT tcp anywhere anywhere multiport dports netbios-ssn,microsoft-ds
ACCEPT tcp anywhere anywhere tcp dpt:l2f
ACCEPT tcp anywhere anywhere tcp dpt:imaps
ACCEPT tcp anywhere anywhere tcp dpt:git
ACCEPT tcp anywhere anywhere tcp dpt:whois
ACCEPT udp anywhere anywhere udp dpt:43
ACCEPT tcp anywhere anywhere tcp dpt:ircd
ACCEPT tcp anywhere anywhere tcp dpt:3389
ACCEPT udp anywhere anywhere multiport dports 6881:6882
ACCEPT tcp anywhere anywhere multiport dports 6881:6882
Maybe /etc/ufw/before6.rules should be adjusted ? (or maybe it's a bug
in Network-manager?)
ProblemType: Bug
DistroRelease: Ubuntu 15.04
Package: ufw 0.34~rc-0ubuntu5
ProcVersionSignature: Ubuntu 3.19.0-9.9-generic 3.19.1
Uname: Linux 3.19.0-9-generic x86_64
ApportVersion: 2.16.2-0ubuntu3
Architecture: amd64
CurrentDesktop: Unity
Date: Fri Mar 20 12:43:56 2015
InstallationDate: Installed on 2014-12-13 (96 days ago)
InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Release amd64 (20141022.1)
PackageArchitecture: all
SourcePackage: ufw
UpgradeStatus: No upgrade log present (probably fresh install)
mtime.conffile..etc.default.ufw: 2015-03-17T18:03:15.349146
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1434525/+subscriptions
References