You are not logged in.

#1 2012-05-06 01:51:12

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,595
Website

problem loading ufw logging rules

Ideas why?

# pacman -S ufw
# ufw default deny
# ufw allow from 192.168.0.0/24
# ufw allow SSH
# ufw enable
ERROR: Could not load logging rules

CPU-optimized Linux-ck packages @ Repo-ck  • AUR packagesZsh and other configs

Offline

#2 2012-05-09 01:47:36

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,595
Website

Re: problem loading ufw logging rules

Ah!  Problem seems to be IPV6.  Setting "IPV6=yes" to "IPV6=no" in /etc/default/ufw allows it to start for some reason.

http://blog.bodhizazen.net/linux/how-to … templates/

Thoughts?

Last edited by graysky (2012-05-09 01:54:19)


CPU-optimized Linux-ck packages @ Repo-ck  • AUR packagesZsh and other configs

Offline

#3 2012-05-09 02:05:49

jasonwryan
Anarchist
From: .nz
Registered: 2009-05-09
Posts: 30,424
Website

Re: problem loading ufw logging rules

I have it set to "no" and have no issues on any of my machines...


Have you disabled IPv6?


Arch + dwm   •   Mercurial repos  •   Surfraw

Registered Linux User #482438

Offline

#4 2012-05-09 02:09:44

graysky
Wiki Maintainer
From: :wq
Registered: 2008-12-01
Posts: 10,595
Website

Re: problem loading ufw logging rules

jasonwryan wrote:

I have it set to "no" and have no issues on any of my machines...
Have you disabled IPv6?

Don't think so:

 cat /etc/sysctl.conf 
# /etc/sysctl.conf - Configuration file for setting system variables
# See sysctl.conf (5) for information.

# you can have the CD-ROM close when you use it, and open
# when you are done.
#dev.cdrom.autoeject = 1
#dev.cdrom.autoclose = 1

# protection from the SYN flood attack
net.ipv4.tcp_syncookies = 1

# see the evil packets in your log files
#net.ipv4.conf.all.log_martians = 1

# if not functioning as a router, there is no need to accept redirects or source routes
#net.ipv4.conf.all.accept_redirects = 0
#net.ipv4.conf.all.accept_source_route = 0
#net.ipv6.conf.all.accept_redirects = 0
#net.ipv6.conf.all.accept_source_route = 0

# Disable packet forwarding
net.ipv4.ip_forward = 0
net.ipv6.conf.all.forwarding = 0

# sets the port range used for outgoing connections
#net.ipv4.ip_local_port_range = 32768    61000

# Swapping too much or not enough? Disks spinning up when you'd
# rather they didn't? Tweak these.
#vm.vfs_cache_pressure = 100
#vm.laptop_mode = 0
#vm.swappiness = 60

#kernel.printk_ratelimit_burst = 10
#kernel.printk_ratelimit = 5
#kernel.panic_on_oops = 0

# Reboot 600 seconds after a panic
#kernel.panic = 600

# Disable SysRq key (note: console security issues)
kernel.sysrq = 0

If it's set to 'yes' then it doesn't start... setting to 'no' allows normal operation.

Last edited by graysky (2012-05-09 02:10:36)


CPU-optimized Linux-ck packages @ Repo-ck  • AUR packagesZsh and other configs

Offline

#5 2012-05-09 02:51:33

jasonwryan
Anarchist
From: .nz
Registered: 2009-05-09
Posts: 30,424
Website

Re: problem loading ufw logging rules

It was a hunch. Doing this seems popular here, it was all I could think of that might be conflicting with the ufw setting...


Arch + dwm   •   Mercurial repos  •   Surfraw

Registered Linux User #482438

Offline

#6 2012-05-09 03:50:44

Strike0
Member
From: Germany
Registered: 2011-09-05
Posts: 1,429

Re: problem loading ufw logging rules

For statistics: I have not blocked IPv6 here and never had any issues with starting ufw.

/etc/ufw/sysctl.conf wrote:

# Configuration file for setting network variables. Please note these settings
# override /etc/sysctl.conf. If you prefer to use /etc/sysctl.conf, please
# adjust IPT_SYSCTL in /etc/default/ufw.

Did you take into account that?

Offline

Board footer

Powered by FluxBB