Clients cannot connect to my website UFW
Dear Sir,
Several clients of our company have been reporting connection failures since last week. The service affected is webservices.example.com.
We have checked the syslog file (/var/log/syslog). The only thing we have found up to now are several firewall blocks (UFW) to different IP addresses.
I have copied an example.
Can you guess what could be the reason for these failures? Thanks in advance,
Dec 11 07:05:08 node kernel: [UFW BLOCK] IN=eth0 OUT= MAC=:::::::::::##:##:00 SRC=##.#.#.# DST=#.#.#.# LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=29341 PROTO=TCP SPT=55402 DPT=8975 WINDOW=1024 RES=0x00 SYN URGP=0
2 Replies
Hi there,
Thanks for reaching out to us and providing us with the output of your syslog. This lets us know that your firewall UFW is blocking your clients from logging in. It seems that your clients are trying to connect via higher numbered ports and UFW is blocking their connections; your rules may be too strict. You have a couple of ways to handle this.
1. Open all the ports so your clients can connect. This is least safe since it opens every port, but this is the fastest way to allow your clients to connect.
sudo ufw default allow outgoing
sudo ufw default deny incoming
2. You can set custom rules for your clients to allow certain IP address.
sudo ufw allow from 123.45.67.89
3. Specify which port your clients are connecting with.
If you run the following command this would allow you to see your iptables firewall settings, and verify which ports UFW is blocking:
iptables --list
I have also provided a link to our guide for using UFW:
I would start by reviewing your current firewall rules. You can do so using the following commands:
ufw status
iptables-save
You can also disable ufw using the following commands and verify if your clients can connect afterwards.
ufw disable
We also have a guide in regards to configuring UFW for a Linode.
https://www.linode.com/docs/security/firewalls/configure-firewall-with-ufw/
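Added example, not part of the original thread or of the linked guide: a small shell helper that tallies `[UFW BLOCK]` syslog entries by protocol and destination port, so you can check whether blocked packets were actually addressed to the port your service listens on before changing any rules. The function names, the sample log lines (documentation IP ranges) and the use of 443 as the service port are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: summarise UFW BLOCK entries by protocol/destination port.
# Usage: ufw_block_summary /var/log/syslog
ufw_block_summary() {
    awk '/\[UFW BLOCK\]/ {
        proto = ""; dpt = "-"              # ICMP entries carry no DPT field
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^PROTO=/)    proto = substr($i, 7)
            else if ($i ~ /^DPT=/) dpt   = substr($i, 5)
        }
        if (proto != "") count[proto "/" dpt]++
    }
    END { for (k in count) print count[k], k }' "$1" | sort -k1,1nr -k2,2
}

# Exit status 0 if any blocked packet was addressed to PORT, 1 otherwise.
# Usage: service_port_blocked FILE PORT
service_port_blocked() {
    grep -F '[UFW BLOCK]' "$1" | grep -Eq "(^| )DPT=$2( |\$)"
}

# Constructed sample input (not real traffic); addresses are from the
# RFC 5737 documentation ranges.
sample_log() {
    cat <<'EOF'
Dec 11 07:05:08 node kernel: [UFW BLOCK] IN=eth0 OUT= SRC=192.0.2.10 DST=203.0.113.5 LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=29341 PROTO=TCP SPT=55402 DPT=8975 WINDOW=1024 RES=0x00 SYN URGP=0
Dec 11 07:05:41 node kernel: [UFW BLOCK] IN=eth0 OUT= SRC=192.0.2.11 DST=203.0.113.5 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=1207 PROTO=TCP SPT=55403 DPT=8975 WINDOW=1024 RES=0x00 SYN URGP=0
Dec 11 07:06:02 node kernel: [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.7 DST=203.0.113.5 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4411 DF PROTO=TCP SPT=40112 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0
Dec 11 07:06:30 node kernel: [UFW BLOCK] IN=eth0 OUT= SRC=192.0.2.99 DST=203.0.113.5 LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=9 PROTO=TCP SPT=41000 DPT=23 WINDOW=1024 RES=0x00 SYN URGP=0
Dec 11 07:06:31 node sshd[812]: Accepted publickey for admin from 198.51.100.7 port 50022 ssh2
EOF
}

# Demo on the constructed sample; point ufw_block_summary at a real log instead.
tmp=$(mktemp) && sample_log > "$tmp" && ufw_block_summary "$tmp"
rm -f "$tmp"
```

If `service_port_blocked` succeeds for your service port, compare the blocked sources against `ufw status`; blocks that only hit ports the service never listens on do not explain client failures.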