[Cialug] ufw not working
David Champion
dchamp1337 at gmail.com
Thu Oct 12 02:54:00 UTC 2023
Would guess it's an order issue - that drop rule needs to appear before
anything that would have allowed it in.
-dc
On Wed, Oct 11, 2023 at 6:09 PM L. V. Lammert <lvl at omnitec.net> wrote:
> Installed ufw on a Debian 10 box to permanently block some of the
> malicious traffic appearing in fail2ban.
>
> Unfortunately, even with a ban at the very top, traffic does not get
> rejected:
>
> # ufw status
> Status: active
>
> To Action From
> -- ------ ----
> Anywhere DENY 108.165.188.68
> 80 ALLOW Anywhere
> 25 ALLOW Anywhere
> 53 ALLOW Anywhere
> 2206 ALLOW Anywhere
> 443 ALLOW Anywhere
>
> The ban DOES appear in iptables:
>
> Chain ufw-user-input (1 references)
> pkts bytes target prot opt in out source
> destination
> 0 0 DROP all -- * * 108.165.188.68
> 0.0.0.0/0
>
> But, as shown, it has not blocked any traffic at all - almost like the
> ufw-user-input chain is never seeing traffic.
>
> Is there something special required when installing ufw to activate those
> chains?
>
> TIA!
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> https://www.cialug.org/cgi-bin/mailman/listinfo/cialug
>
More information about the Cialug
mailing list