UFW with 10.04 blocks outgoing internet traffic, 9.04 worked without any issue.

Asked by Kalven Slade on 2010-09-21

Configuration I have a cable modem connected to a router with my computer connected to the router, and my IP is statically set.

With Ubuntu 9.04 and UFW I used a "default deny," I then setup "22 limit anywhere" and 443/tcp allow anywhere" this worked great and let me browse out to the internet and only have incoming traffic to 22 and 443.

However with Ubuntu 10.04 I am having major problems, I have it setup this way:

With Ubuntu 10.04 I use "default deny in" and "default allow out." I then setup "443/tcp allow in anywhere" and "22 limit in anywhere" with this setup I can't even browse the web; "http://ubuntuforums.org" times out for example. The only way I can browse the web is to disable UFW completely. I even tried setting UFW with "allow" as default for both "in" and "out" but this also causes the web not to work.

Any suggestions?

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu ufw Edit question
Assignee:
No assignee Edit question
Solved by:
Kalven Slade
Solved:
2010-10-07
Last query:
2010-10-07
Last reply:
2010-09-21
Kalven Slade (sladekal) said : #3

Well, I had read most of those already. As of yesterday I install some updates and rebooted, not it works... Kind of annoying as it has never worked until yesterday, I am going to see if I can replicate it in virtual-box.

Kalven Slade (sladekal) said : #4

Well, after getting kernel update and rebooting yesterday, UFW now blocks my outgoing internet traffic again. Had to disable it to get out.

Kalven Slade (sladekal) said : #5

After trying too many things I found on the Internet that failed to correct the issue, I had to use "Synaptic Package Manager" and do a "Mark for Complete Removal" for both "ufw" and "gufw" then reinstall. It all works again!

Mduduzi (faithback) said : #6

Sorry, but this is not a solution. It is a work-around. The problem is sever because in this time of remote virtual servers, there is absolutely no way to recover. We only search for this bug AFTER loosing access to our server!