On 07/20/2015 03:01 PM, Jamie Strandboge wrote: > On 07/17/2015 03:27 PM, Quentin Berling wrote: >> Hi, >> I'm still having the problem. >> I just did : >> # ufw disable >> # reboot >> # ufw status >> ERROR: problem running ip6tables > > I cannot reproduce this on an up to date sid system (which has the same > version > of ufw as jessie). Attached is a script to gather various details from the > system. Please review it, copy it to /tmp/getinfo.sh, then run it like so: > > sudo sh /tmp/getinfo.sh > > Please send the resulting /tmp/ufw.tar.gz to my email address (ie, don't > attach > it to the bug since it reveals your firewall, kernel log, syslog and other > details). >
Thank you for providing this information. I looked at what you provided (note, kern.log and syslog were no help) and found that /etc/ufw/ufw.conf has 'ENABLED=yes' and /etc/init.d/ufw is missing. I then setup my sid system with ENABLED=yes and moved /etc/init.d/ufw to the side, then rebooted. The firewall was correctly not started (it can't be started because there is nothing in /etc/init.d to start it). I examined the upstart and systemd jobs on your system and there wasn't anything that would start ufw. As such, at this point I'm convinced that this issue is not with ufw itself and rather a local issue. I did notice that you had fail2ban installed. Perhaps there is a fail2ban configuration option or something that would save the running firewall such that it saved ufw's rules when it was enabled and now is restoring them on reboot? Perhaps you had iptables-persistent or something else installed that would save/reload the loaded firewall and it is somehow getting run on boot now? Perhaps you have a cron job or something that is accessing /lib/ufw/ufw-init directly? At this point, you can clean up your system by doing: 1. # /lib/ufw/ufw-init stop 2. edit /etc/ufw/ufw.conf to have ENABLED=no 3. optionally remove ufw with 'apt-get remove --purge ufw' (this will of course lose all your modifications to /etc/ufw/* and your added rules in /lib/ufw/* -- Jamie Strandboge http://www.ubuntu.com/
signature.asc
Description: OpenPGP digital signature
