I forgot to mention.. I tried to add these line in multiple places in /etc/ufw/before.rules. I does not matter where these are in the file. -A ufw-before-input -m geoip --src-cc KR,CN,IN,RU,TR,VN,UA,BR,VE,JP -m limit --limit 3/minute -j LOG --log-level 4 --log-prefix '[UFW COUNTRY BLOCK] ' -A ufw-before-input -m geoip --src-cc KR,CN,IN,RU,TR,VN,UA,BR,VE,JP -j DROP
after that i do : ufw disable && ufw enable the exact error message is : ERROR: problem running ufw-init ( all other rules are proccessed ok. ) if i do add the iptables lines on commandline then they show up as they should and work ok. Chain ufw-before-input (1 references) target prot opt source destination ufw-user-input all -- 0.0.0.0/0 0.0.0.0/0 LOG all -- 0.0.0.0/0 0.0.0.0/0 Source countries: KR,CN,IN,RU,TR,VN,UA,BR,VE,JP limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW COUNTRY BLOCK] " DROP all -- 0.0.0.0/0 0.0.0.0/0 Source countries: KR,CN,IN,RU,TR,VN,UA,BR,VE,JP All my "custom" messages are now also in /var/log/ufw.log If you need more info, just ask. Thanks Louis
