Software conflict between iptables and ufw? SOLVED!

Message

rayos · #1 Post by **rayos** » 2020-02-10 11:08

Debian Bullseye. Packages: ufw 0.36-1 and Iptables 1.8.4-2

###############

Hello everybody! Ufw now doesn't work after a package update and if it's enable internet is blocked.

While doing a reboot some minutes ago, the PC lost the graphic environment and the internet connection.

The screen went black, but by pressing "Ctrl + Alt + F1" I could access a tty and recover the desktop environment using the startx command

I checked with cat /var/log/dpkg.log | grep "status installed" the last packages installed and I saw that one of the updated packages was "iptables".

In order to test if it was a problem with the firewall I deactivated the ufw firewall interface and everything went back to normal again.

With ufw disabled everything works fine again and when doing a reboot the desktop environment appears without using startx, but with ufw enabled I have to activate the X with startx command and the internet connection is blocked.

I guess this is an incompatibility between the new version of iptables and the old ufw version in the Debian testing repository.

$ iptables --version
iptables v1.8.4 (nf_tables)

$ ufw --version
ufw 0.36
Copyright 2008-2015 Canonical Ltd.

If I start ufw it gives an error warning and internet crashes:

# ufw enable
ERROR: problem running ufw-init
iptables-restore: COMMIT expected at line 21
iptables-restore: line 2 failed
iptables-restore: line 2 failed
ip6tables-restore: COMMIT expected at line 21
ip6tables-restore: line 2 failed
ip6tables-restore: line 2 failed
Problem running '/etc/ufw/user.rules'
Problem running '/etc/ufw/user6.rules'

# ufw status
Status: active

$ ping -c1 google.com
... there is no Internet conection

# ufw disable
Firewall stopped and disabled on system startup

$ ping -c1 google.com
... with ufw disabled there's internet connection

I uninstalled ufw by purging the configuration files, reinstalled it again and I get the same error message, but now without the "problem running" warnings.

I imagine the problem will be that Debian updated iptables without realizing that ufw would fail, I don't know.

All the best!

#2 Post by **fabien** » 2020-02-10 14:03

There is a bug report: #949739 iptables: ufw fails with iptables 1.8.4-2 https://bugs.debian.org/cgi-bin/bugrepo ... bug=949739
The maintainer proposes a workaround.
edit: typo

#3 Post by **sunrat** » 2020-02-10 20:34

I had the same issue a couple of weeks ago in Sid. I only installed ufw to easily open ports for Syncthing, but it works fine now anyway after uninstalling ufw.

Chrisdb · #4 Post by **Chrisdb** » 2020-02-11 19:47

you can also start using nftables:
https://wiki.nftables.org/wiki-nftables ... o_nftables

if that's an option of course

rayos · #5 Post by **rayos** » 2020-02-13 00:26

Chrisdb wrote:you can also start using nftables:
https://wiki.nftables.org/wiki-nftables ... o_nftables

if that's an option of course

Yes, I'm using nftables now, Thank you!

http://forums.debian.net/viewtopic.php?f=16&t=143876

I'm reading some tutorials to catch up on the issue of nftables to be able to use it much better than right now.

I didn't know iptables is already becoming obsolete.

OK. The problem with ufw is caused by a bug.

Thanks to all of you!

Bye! Solved.

Edit. Typo.

Debian User Forums

Software conflict between iptables and ufw? SOLVED!

Software conflict between iptables and ufw? SOLVED!

Re: Software conflict between iptables and ufw?

Re: Software conflict between iptables and ufw?

Re: Software conflict between iptables and ufw?

Re: Software conflict between iptables and ufw?