Here is my status:
$ sudo ufw status verbose
Status: active
Logging: on (medium)
Default: deny (incoming), allow (outgoing)
New profiles: skip
To Action From
-- ------ ----
22 ALLOW IN Anywhere
All outgoing flows are allowed. Now when I am doing:
$ wget
--2013-07-30 14:28:00--
Resolving failed: Name or service not known.
wget: unable to resolve host address `
What I see in /var/log/kern.log is that the traffic is, indeed, blocked:
Jul 30 14:11:27 XXXXXX kernel: [2207680.256415] [UFW BLOCK] IN=lo OUT= MAC=XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=62240 DF PROTO=UDP SPT=35323 DPT=53 LEN=40
Here is my ufw version:
$ sudo ufw version
ufw 0.29.3-1
Copyright 2008-2009 Canonical Ltd.
Is explicitly allowing outgoing traffic not enough? How to solve that? Should I add a rule for allowing the loopback interface? How to do that?
2 Answers
You need to allow established traffic back in.
At the moment your machine is trying to do a DNS lookup for but it is never getting the result as the traffic back from the DNS server is being blocked.
This command helps me solve the issue: sudo ufw allow 53/udp. Port 53 is the port for DNS.
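
Added example, not part of the original thread: a small parser for [UFW BLOCK] lines in the kern.log format quoted in the question, which reads the IN= and DPT= fields to tell whether a blocked packet is local DNS traffic on the loopback interface. The sample lines, function names and labels are constructed for illustration.

```python
import re

# Constructed sample in the kern.log format quoted in the question
# (hostname, MAC values and the second and third lines are made up).
SAMPLE_LOG = """\
Jul 30 14:11:27 host kernel: [2207680.256415] [UFW BLOCK] IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=62240 DF PROTO=UDP SPT=35323 DPT=53 LEN=40
Jul 30 14:12:01 host kernel: [2207714.101010] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:00:00 SRC=192.0.2.10 DST=192.0.2.20 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=1234 PROTO=TCP SPT=40000 DPT=23 WINDOW=1024 RES=0x00 SYN URGP=0
Jul 30 14:12:05 host kernel: [2207718.000001] usb 1-1: new high-speed USB device
"""

FIELD = re.compile(r"(\w+)=(\S*)")


def parse_ufw_block(line):
    """Return the KEY=VALUE fields of a [UFW BLOCK] line, or None otherwise."""
    _, marker, rest = line.partition("[UFW BLOCK]")
    if not marker:
        return None
    fields = {}
    for key, value in FIELD.findall(rest):
        fields.setdefault(key, value)  # LEN appears twice; keep the IP-level one
    return fields


def classify(fields):
    """Label a blocked packet by its arrival interface and destination port."""
    if fields.get("IN") == "lo":
        # Loopback traffic never leaves the host, so a block here means a
        # local process was refused by the input policy.
        return "loopback-dns" if fields.get("DPT") == "53" else "loopback-other"
    return "inbound" if fields.get("IN") else "outbound"


def summarize(log_text):
    """Return (label, protocol, destination port) for every blocked packet."""
    rows = []
    for line in log_text.splitlines():
        fields = parse_ufw_block(line)
        if fields is not None:
            rows.append((classify(fields), fields.get("PROTO"), int(fields.get("DPT", 0))))
    return rows


if __name__ == "__main__":
    for row in summarize(SAMPLE_LOG):
        print(row)
```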