Thank you for using Ubuntu and taking the time to report a bug. I'll need to look at this more before considering making changes, but I did want to say in the meantime that /etc/ufw/*.rules are there for you as an administrator to adjust as necessary for your site requirements. Feel from to remove those lines from before.rules and adjust after.rules to have: -A ufw-after-input -m state --state RELATED,ESTABLISHED -j ACCEPT -A ufw-after-output -m state --state RELATED,ESTABLISHED -j ACCEPT
For large rulesets, this may affect performance, but I imagine in most ufw setups it won't make any appreciable difference. Thanks again and report back how this works out for you. ** Changed in: ufw (Ubuntu) Importance: Undecided => Wishlist -- User deny rules should override connection tracking https://bugs.launchpad.net/bugs/507469 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs