UFW 0.36.1 against Iptables >= 1.8

What is the output of:

lsb_release -a; uname -a; apt-cache policy ufw

Thanks

Sorry but due to Canonical unwise decision to drop support to 32bit I'm not able to run version higher than 18.10 and in 18.10 Ufw works flawlessly cause iptables 1.6 is still in use.

That's why I asked you to check if on eoan (only 64bit) with Iptables 1.8 Ufw works.

Iptables backend change since version 1.8 led a change in rules' syntax so as already higlighted by Debian 10 & antiX-19 (still available for 32bit that's why I'm able to check) Ufw 0.36.1 rules still written with Iptables 1.6 rules' syntax should be translated as explained here https://wiki.nftables.org/wiki-nftables/index.php/Moving_from_iptables_to_nftables or rewritten from scratch to work.

Ny two cents, due to old hadware no longer considered by Canonical I'm not able to give you more.

Let me know, if you are glad, if $ ufw enable works flawlessly or return rules errors on eoan.

What is the output of the command

lscpu | grep -i mod

Sorry for the delay but I had to find an x64 machine which I don't own. A friend has lent me an hold netbook with an Atom N455 and I'm working since 2 days trying to figure out where is the issue.

It doesn't seem kernel's modules related, in such case neither release 0.35 would work I suppose but v. 0.35 works flawlessly and also v. 0.36 from Debian Buster works flawlessly... if you dowgrade iptables.

After two days working on the issue I'm over.

It was a bit long to post so I uploaded the report on my hosting

https://pclinux.eu/downloads/Ufw-0.36_antiX-19_Check_and_Specs

Hope this helps.

Yoghi

Is this question still needed?

Yes! It's a lot needed.

I need to discover if it's an ufw bug or an iptables bug.

ufw or iptables doesn't like modules even if loaded

yoghi@ranger:~
$ lsmod |grep af_packet
af_packet 34345 10

but wants absolutely it as a builtin.

GNU/Linux != Windows

Who? Ufw or Iptables?

And why?

I found the root cause but I need help to understand if this few polite (IMHO) approach depends on Ufw or Iptables.

Thanks a lot indeed for your support!

Yoghi

Hallo Manfred

I was asking here cause it's the "home" of ufw, where to find a best place to meet people which have maybe the best ufw knowledge and I was right You pointed me in the right way can I say... Vielen herzlichen Dank! ehrlich gesagt.

I was asking here also if I don't use Ubuntu cause I thought that GNU/Linux as all the free software was a free world, without borders but this time I was maybe wrong looking at your answer. :-(

Anyway thank to your support I have understood.

I had to discover why were modules required built-in.

The requirement of built-in modules seems a lack in code portability of ufw cause it seems that iptables can run flawlessly also pre-loading modules at iptables startup which normally is system startup

http://www.linuxfromscratch.org/blfs/view/svn/postlfs/iptables.html

I had to discover which module was missing looking from ufw perspective and I did a comparison between Lubuntu 19.10 Debian 10 and antiX19 which I use cause at the moment I still use i686 laptops.
 I discovered that the missing module seems af_packet but I'm not yet sure, I have to ask to iptables guys, if it's so and you are glad - so you can add it in the README requirements - I'll let you know.
From ufw README I understood that which kind of modules were required was not up to you.

Many thanks indeed for your cooperation, without you I would be still lost but instead I've found the right way. Ich hätte nicht gerne zu schrein aber... THANKS to everyone here not only to Manfred.

Thanks Manfred Hampl, that solved my question.