The tcp syncookies issue is not a ufw bug. In fact, toggling it one way
or another, your logs show the same kernel message.

The real issue is sane not working with ufw enabled. You need to use the
nf_conntrack_sane module. See
https://bugs.launchpad.net/ufw/+bug/1595046/comments/14 for details.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1631553

Title:
  With UFW enabled, kernel reports SYN flooding

Status in ufw package in Ubuntu:
  Invalid

Bug description:
  So, this is a fun one.

  I have an Epson XP-610 multifunction
  scanner/printer/coffeemaker/whiskey distillery. It uses an XSane
  plugin, which spawns an intermediary network app
  (/usr/lib/iscan/network) which detects and talks to the scanner. These
  packages can all be obtained from here:
  http://support.epson.net/linux/en/iscan_c.html.

  Anyway, if you have UFW disabled, it works. If you enable UFW, however,
  it works intermittently and takes forever to start up. Checking my
  syslog, I find:

  Oct  6 22:48:00 hiro kernel: [48176.543355] TCP: request_sock_TCP:
  Possible SYN flooding on port 40796. Dropping request.  Check SNMP
  counters.

  A wireshark capture shows two things:
  1.) It is communicating on that port on the "lo" interface, not any real
      interface.
  2.) There's one SYN. Not a lot. Just a single SYN. And then TCP retries. And
      then eventually it works. Sometimes.

  Anyway, if I edit /etc/ufw/sysctl.conf, and set
  net/ipv4/tcp_syncookies=1, and then disable and reenable UFW, it
  works, with the following syslog entry:

  Oct  7 20:26:18 hiro kernel: [13666.745140] TCP: request_sock_TCP:
  Possible SYN flooding on port 42751. Sending cookies.  Check SNMP
  counters.

  Now, to be clear, I think the syncookies is a workaround for a more
  serious problem. Namely, why does the kernel think it's under attack
  to begin with?

  Anyway, I'm not certain this is really a UFW bug, but I'm starting
  here because UFW seems to make it worse. Feel free to reclassify as a
  kernel bug.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: ufw 0.35-0ubuntu2
  ProcVersionSignature: Ubuntu 4.4.0-38.57-generic 4.4.19
  Uname: Linux 4.4.0-38-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2.1
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Fri Oct  7 20:20:00 2016
  PackageArchitecture: all
  SourcePackage: ufw
  UpgradeStatus: Upgraded to xenial on 2016-09-30 (7 days ago)
  mtime.conffile..etc.ufw.sysctl.conf: 2016-10-06T23:11:58.680226

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1631553/+subscriptions
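
The kernel lines quoted in the bug description end with "Check SNMP counters". As an added example (not part of the original report or of ufw), this Python script reads those counters from /proc/net/netstat text and tells the "Dropping request" case from the "Sending cookies" case. The snapshot strings are constructed sample data, and the function names are this example's own.

```python
from pathlib import Path

# TcpExt counters related to a full request queue and to SYN cookies.
WATCHED = ("TCPReqQFullDrop", "TCPReqQFullDoCookies", "ListenOverflows",
           "ListenDrops", "SyncookiesSent", "SyncookiesRecv", "SyncookiesFailed")

def parse_netstat(text):
    """Parse /proc/net/netstat text: a line of counter names followed by a
    line of values, both starting with the same 'Prefix:' token."""
    rows = [line.split() for line in text.splitlines() if line.strip()]
    tables = {}
    for names, values in zip(rows[0::2], rows[1::2]):
        if names[0] != values[0] or len(names) != len(values):
            raise ValueError(f"header/value mismatch near {names[0]}")
        tables[names[0].rstrip(":")] = dict(zip(names[1:], map(int, values[1:])))
    return tables

def syn_delta(before, after):
    """How far each watched counter moved between two snapshots."""
    b, a = parse_netstat(before)["TcpExt"], parse_netstat(after)["TcpExt"]
    return {name: a.get(name, 0) - b.get(name, 0) for name in WATCHED}

def interpret(delta):
    """Map counter movement onto the two kernel log variants."""
    if delta["TCPReqQFullDrop"]:
        return "dropping"   # "Dropping request": queue full, syncookies off
    if delta["TCPReqQFullDoCookies"]:
        return "cookies"    # "Sending cookies": queue full, syncookies on
    return "quiet"

# Constructed snapshots (not taken from the reporter's machine).
HEADER = ("TcpExt: SyncookiesSent SyncookiesRecv SyncookiesFailed "
          "ListenOverflows ListenDrops TCPReqQFullDoCookies TCPReqQFullDrop\n")
IPEXT = "IpExt: InNoRoutes InOctets\nIpExt: 0 1000\n"
BEFORE = HEADER + "TcpExt: 0 0 0 0 0 0 0\n" + IPEXT
AFTER_DROP = HEADER + "TcpExt: 0 0 0 0 2 0 2\n" + IPEXT
AFTER_COOKIES = HEADER + "TcpExt: 3 3 0 0 2 3 2\n" + IPEXT

if __name__ == "__main__":
    print("syncookies off:", interpret(syn_delta(BEFORE, AFTER_DROP)))
    print("syncookies on: ", interpret(syn_delta(AFTER_DROP, AFTER_COOKIES)))
    proc = Path("/proc/net/netstat")
    if proc.exists():  # live values on a Linux host
        live = parse_netstat(proc.read_text())["TcpExt"]
        print({name: live.get(name) for name in WATCHED})
```

Taking one snapshot before starting the scanner frontend and one after shows which counter moved during that window.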
