Ubuntu
ufw package

ufw manpage says limit is IPv4 only?

Asked by Mike Pastore

Hi folks,

The manpage for ufw (in Xenial, at least) says of `limit' that "Currently only IPv4 is supported." However, ufw will happily let you add IPv6 limit rules, and they appear to work. Is this some bit of outdated information from an older version of ufw that needs to be expunged from the manpage?

Thank you!

Mike

Question information

Language:
English Edit question
Status:
Expired
For:
Ubuntu ufw Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Bhavani Shankar (bhavi) said : 		#1

Hi

Its the same in zesty package too.. can you provide an example with the rule syntax so that the devs can look at updating the manpage..

Thanks!

Revision history for this message
Launchpad Janitor (janitor) said : 		#2

This question was expired because it remained in the 'Needs information' state without activity for the last 15 days.

Revision history for this message
Mike Pastore (mwpastore) said : 		#3

Sure.

mwp@ubuntu:~$ sudo ufw limit OpenSSH
Rules updated
Rules updated (v6)
mwp@ubuntu:~$ sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup
mwp@ubuntu:~$ sudo ufw status verbose | grep OpenSSH | grep v6
22/tcp (OpenSSH (v6)) LIMIT IN Anywhere (v6)

mwp@other-ubuntu:~$ ssh 2600:3c02::f03c:91ff:fee7:3eb7 true
The authenticity of host '2600:3c02::f03c:91ff:fee7:3eb7 (2600:3c02::f03c:91ff:fee7:3eb7)' can't be established.
ECDSA key fingerprint is cc:36:2d:8d:c4:47:53:72:9f:65:3a:66:36:cb:63:ec.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '2600:3c02::f03c:91ff:fee7:3eb7' (ECDSA) to the list of known hosts.
mwp@other-ubuntu:~$ ssh 2600:3c02::f03c:91ff:fee7:3eb7 true
mwp@other-ubuntu:~$ ssh 2600:3c02::f03c:91ff:fee7:3eb7 true
mwp@other-ubuntu:~$ ssh 2600:3c02::f03c:91ff:fee7:3eb7 true
mwp@other-ubuntu:~$ ssh 2600:3c02::f03c:91ff:fee7:3eb7 true
mwp@other-ubuntu:~$ ssh 2600:3c02::f03c:91ff:fee7:3eb7 true
ssh: connect to host 2600:3c02::f03c:91ff:fee7:3eb7 port 22: Connection refused
mwp@other-ubuntu:~$ ssh 2600:3c02::f03c:91ff:fee7:3eb7 true
ssh: connect to host 2600:3c02::f03c:91ff:fee7:3eb7 port 22: Connection refused
mwp@other-ubuntu:~$ ssh 2600:3c02::f03c:91ff:fee7:3eb7 true
ssh: connect to host 2600:3c02::f03c:91ff:fee7:3eb7 port 22: Connection refused
mwp@other-ubuntu:~$ ssh 2600:3c02::f03c:91ff:fee7:3eb7 true
ssh: connect to host 2600:3c02::f03c:91ff:fee7:3eb7 port 22: Connection refused
mwp@other-ubuntu:~$ ssh 2600:3c02::f03c:91ff:fee7:3eb7 true
ssh: connect to host 2600:3c02::f03c:91ff:fee7:3eb7 port 22: Connection refused

(wait a bit)

mwp@other-ubuntu:~$ ssh 2600:3c02::f03c:91ff:fee7:3eb7 true
mwp@other-ubuntu:~$ echo $?
0

Revision history for this message
Launchpad Janitor (janitor) said : 		#4

This question was expired because it remained in the 'Open' state without activity for the last 15 days.