View Full Version : [ubuntu] After upgrade to 10.04 LTS ufw problem occurs.

May 3rd, 2010, 08:58 AM
After upgrade to Ubuntu Server 10.04 LTS, ufw has started blocking some legitimate HTTP and FTP contacts.

What can I do to tell ufw not to block any HTTP and FTP requests.

This is what is shown in messages:

May 3 11:07:48 server kernel: [] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC= DST= LEN=60 TOS=0x00 PREC=0x00 TTL=121 ID=9979 DF PROTO=TCP SPT=60191 DPT=80 WINDOW=16560 RES=0x00 ACK URGP=0

UFW has these settings:

Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip

To Action From
-- ------ ---- 21/tcp ALLOW IN Anywhere 80/tcp ALLOW IN Anywhere 443/tcp ALLOW IN Anywhere


May 3rd, 2010, 12:33 PM
First I thought that it is UFW that causes this, but after some testing, I noticed that it is something else that causes it. I disabled ufw and made my own similar iptables settings.

If a websurfer surfs to a site, and click on links on the sites too fast, a blocked message will show up in the messages log.

What could be causing this behaviour?


June 12th, 2010, 07:08 PM
I too have noticed the entries in syslog.
In my case, not only users, accessing port 80 are getting blocked, but some search engines too.

Does anybody have an idea how to fix this?

September 19th, 2010, 11:39 PM
Anyone find a solution to this? I have the same problem.

September 19th, 2010, 11:59 PM
Sounds like flood protection to me. It's blocking packets that come from the same place too fast and too many as in DDOS attack. Just a suggestion.