ufw blocks some incoming https packet although it is not supposed to?
0
I setup ufw on a box which should expose only a web server and SSH to the outside world:
# ufw default deny incoming
# ufw default allow outgoing
# ufw allow ssh
# ufw allow http
# ufw allow https
# ufw enable
Result:
# ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
I can access the box through SSH and also see the website. But checking the /var/log/ufw.log reveals that there are some incoming TCP 443 port (https) packets blocked. There are a ton, this is just one example:
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=16809 PROTO=TCP SPT=28910 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=17870 PROTO=TCP SPT=7158 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:a6:41:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=26100 PROTO=TCP SPT=24484 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=27154 PROTO=TCP SPT=59132 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=30397 PROTO=TCP SPT=28910 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=33789 PROTO=TCP SPT=7158 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:a6:41:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=46841 PROTO=TCP SPT=24484 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=49253 PROTO=TCP SPT=59132 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:11 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=54907 PROTO=TCP SPT=28910 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:11 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=63351 PROTO=TCP SPT=7158 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:39 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:a6:41:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=64158 PROTO=TCP SPT=24484 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Why is that? (Note: I masked out the IP address of the server and MAC address to preserve anonymity)
I haven't seen this for a while now. 99% of my blocked packets fall into the broadcast category (destined to 224.0.0.1 from my wireless router). I checked the IP 149.55.24.4 and it doesn't seem to exist right now.
server firewall log ufw
asked Jun 15 '18 at 16:16
Csaba TothCsaba Toth
3971618
add a comment |
0
I setup ufw on a box which should expose only a web server and SSH to the outside world:
# ufw default deny incoming
# ufw default allow outgoing
# ufw allow ssh
# ufw allow http
# ufw allow https
# ufw enable
Result:
# ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
I can access the box through SSH and also see the website. But checking the /var/log/ufw.log reveals that there are some incoming TCP 443 port (https) packets blocked. There are a ton, this is just one example:
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=16809 PROTO=TCP SPT=28910 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=17870 PROTO=TCP SPT=7158 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:a6:41:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=26100 PROTO=TCP SPT=24484 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=27154 PROTO=TCP SPT=59132 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=30397 PROTO=TCP SPT=28910 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=33789 PROTO=TCP SPT=7158 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:a6:41:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=46841 PROTO=TCP SPT=24484 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=49253 PROTO=TCP SPT=59132 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:11 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=54907 PROTO=TCP SPT=28910 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:11 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=63351 PROTO=TCP SPT=7158 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:39 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:a6:41:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=64158 PROTO=TCP SPT=24484 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Why is that? (Note: I masked out the IP address of the server and MAC address to preserve anonymity)
I haven't seen this for a while now. 99% of my blocked packets fall into the broadcast category (destined to 224.0.0.1 from my wireless router). I checked the IP 149.55.24.4 and it doesn't seem to exist right now.
server firewall log ufw
asked Jun 15 '18 at 16:16
Csaba TothCsaba Toth
3971618
add a comment |
0
0
0
I setup ufw on a box which should expose only a web server and SSH to the outside world:
# ufw default deny incoming
# ufw default allow outgoing
# ufw allow ssh
# ufw allow http
# ufw allow https
# ufw enable
Result:
# ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
I can access the box through SSH and also see the website. But checking the /var/log/ufw.log reveals that there are some incoming TCP 443 port (https) packets blocked. There are a ton, this is just one example:
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=16809 PROTO=TCP SPT=28910 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=17870 PROTO=TCP SPT=7158 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:a6:41:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=26100 PROTO=TCP SPT=24484 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=27154 PROTO=TCP SPT=59132 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=30397 PROTO=TCP SPT=28910 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=33789 PROTO=TCP SPT=7158 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:a6:41:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=46841 PROTO=TCP SPT=24484 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=49253 PROTO=TCP SPT=59132 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:11 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=54907 PROTO=TCP SPT=28910 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:11 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=63351 PROTO=TCP SPT=7158 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:39 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:a6:41:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=64158 PROTO=TCP SPT=24484 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Why is that? (Note: I masked out the IP address of the server and MAC address to preserve anonymity)
I haven't seen this for a while now. 99% of my blocked packets fall into the broadcast category (destined to 224.0.0.1 from my wireless router). I checked the IP 149.55.24.4 and it doesn't seem to exist right now.
server firewall log ufw
asked Jun 15 '18 at 16:16
Csaba TothCsaba Toth
3971618
I setup ufw on a box which should expose only a web server and SSH to the outside world:
# ufw default deny incoming
# ufw default allow outgoing
# ufw allow ssh
# ufw allow http
# ufw allow https
# ufw enable
Result:
# ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
I can access the box through SSH and also see the website. But checking the /var/log/ufw.log reveals that there are some incoming TCP 443 port (https) packets blocked. There are a ton, this is just one example:
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=16809 PROTO=TCP SPT=28910 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=17870 PROTO=TCP SPT=7158 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:a6:41:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=26100 PROTO=TCP SPT=24484 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:09 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=27154 PROTO=TCP SPT=59132 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=30397 PROTO=TCP SPT=28910 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=33789 PROTO=TCP SPT=7158 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:a6:41:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=46841 PROTO=TCP SPT=24484 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:10 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=49253 PROTO=TCP SPT=59132 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:11 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=54907 PROTO=TCP SPT=28910 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:11 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:79:c1:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=63351 PROTO=TCP SPT=7158 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Jun 15 07:35:39 blabla kernel: [UFW BLOCK] IN=eth0 OUT= MAC=**:**:**:**:**:**:**:**:**:**:a6:41:08:00 SRC=149.55.24.4 DST=**.**.**.** LEN=52 TOS=0x08 PREC=0x40 TTL=46 ID=64158 PROTO=TCP SPT=24484 DPT=443 WINDOW=65535 RES=0x00 ACK FIN URGP=0
Why is that? (Note: I masked out the IP address of the server and MAC address to preserve anonymity)
I haven't seen this for a while now. 99% of my blocked packets fall into the broadcast category (destined to 224.0.0.1 from my wireless router). I checked the IP 149.55.24.4 and it doesn't seem to exist right now.
server firewall log ufw
server firewall log ufw
asked Jun 15 '18 at 16:16
Csaba TothCsaba Toth
3971618
asked Jun 15 '18 at 16:16
Csaba TothCsaba Toth
3971618
edited 10 hours ago
Csaba Toth
asked Jun 15 '18 at 16:16
Csaba TothCsaba Toth
3971618
asked Jun 15 '18 at 16:16
Csaba TothCsaba Toth
3971618
asked Jun 15 '18 at 16:16
Csaba TothCsaba Toth
3971618
3971618
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1046913%2fufw-blocks-some-incoming-https-packet-although-it-is-not-supposed-to%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
draft saved
draft discarded
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1046913%2fufw-blocks-some-incoming-https-packet-although-it-is-not-supposed-to%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
