I'm trying to get a message logged to /var/log/ufw.log when blocking packets. It's all working very well, until I change the default behaviour for incoming connections.

I use ufw default allow incoming to allow all incoming connections by default.

Then, I add ufw reject from <my-ip>. However, nothing is logged.

I also tried using ufw deny from <my-ip>. Same issue.

The file /etc/rsyslog.d/20-ufw.conf is correctly configured. I've also tried changing the log level with ufw logging <level> with low, medium and full only to find that BLOCK messages are not logged. Every other message is correctly logged though (ALLOW and AUDIT).

Please help.

  • The basic default for ufw is to deny all incoming and allow all outgoing. It may be better for you to install gufw, which is the GUI for UFW, and please edit your question to add the version of Ubuntu.
    – amar
    Commented May 30 at 20:24
