Ubuntu: UFW Blocking Legitimate Traffic



Question:

I am currently getting this kind of message in the UFW and sys logs:

xxx kernel: [4962636.572484] [UFW BLOCK] IN=et0 OUT= MAC= SRC=xxx.xxx.xxx.xxx DST=xxx.xxx.xxx.xxx LEN=52 TOS=0x00 PREC=0x00 TTL=52 ID=xxxx DF PROTO=TCP SPT=22 DPT=52209 WINDOW=1452 RES=0x00 ACK URGP=0  

The issue is similar to This except that the IP being blocked is my computer and it is blocking my automated backup SSH connections.

I am at a complete loss as to how to stop UFW from blocking my server. Normally I would prefer fail2ban to handle all sftp/ssh/scp however in this case UFW appears to have taken action on its own and is blocking inbound SSH attempts.

I have tried whitelisting my IP using ufw allow from xxx.xxx.xxx.xxx

Heres my UFW status:

To                         Action      From  --                         ------      ----  Anywhere                   ALLOW       xxx.xxx.xxx.xxx  22                         ALLOW       Anywhere  

Where xxx.xxx.xxx.xxx is my off site backup computers IP.

Both machines are running Ubuntu server 14.04.4 and the normal apt-get install of UFW.


Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Previous
Next Post »