Hi all—as title suggests I’m experiencing a compatibility issue between UFW and my VPN (Windscribe if it matters). My UFW defaults are set to deny incoming, allow outgoing, and routed disabled, with no exception rules configured. When I enable Windscribe (I use OpenVPN UDP on port 80 if that matters) while UFW is active, Windscribe reports a network configuration error and requests sending debug logs; ignoring the error still allows the VPN to function, but I observe IPv6 and DNS leaks. Disabling UFW removes the error and the leaks. What UFW configuration is causing this behavior, and which specific rules should I add to prevent IPv6 and DNS leaks while keeping UFW enabled?


It might help if you paste a complete dump of your firewall rules. I’m not sure if ufw uses iptables or netfilter since I haven’t used it before, but you can do:
for iptables firewalls:
```
iptables -L
```
for netfilter firewalls:
```
nft list ruleset
```
That might help debug exactly what ufw and your VPN are doing.
Iptables (and nftables, among others) is just an implementation of netfilter kernel modules.
deleted by creator
Thanks, looking at it now, but I should have remembered, iptables has a separate tool for IPv6 called ip6tables. Could you also paste the output of
```
ip6tables -L
```
If you put it in the comment between backticks like this:
```
<paste here>
```
then it will keep the formatting exactly as it was when you copied it, instead of munging the linebreaks.
deleted by creator
Sorry to be a doofus, but could you paste the output of `iptables-save` and `ip6tables-save` instead? The default iptables output actually just leaves out important information like which interface the rule applies to.
I think the best thing to do would be to see if you can get support from Windscribe and find out whether it’s a known issue or a bug that needs fixing.
I did; they said it's just how their app is made and I should disable ufw.
deleted by creator
deleted by creator
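The thread asks for `iptables-save` / `ip6tables-save` output because it keeps the interface each rule is bound to. The following is an added example, not part of the original thread, that condenses such a dump into one line per chain policy and per rule so the interface matches are easy to compare between the IPv4 and IPv6 rule sets. The sample dump, including the `tun0` interface name and its rules, is constructed for illustration.

```sh
#!/bin/sh
# Summarise iptables-save / ip6tables-save output read from stdin: chain
# policies first, then per rule the interface matches that `iptables -L` omits.
summarize_rules() {
    awk '
        /^\*/ { table = substr($0, 2); next }      # "*filter" opens a table
        /^:/  {                                     # ":INPUT DROP [0:0]"
            printf "%s %s policy=%s\n", table, substr($1, 2), $2
            next
        }
        /^-A / {
            in_if = "any"; out_if = "any"; target = "-"
            for (i = 3; i <= NF; i++) {
                # "! -o tun0" means every interface except tun0
                neg = ($(i - 1) == "!") ? "!" : ""
                if ($i == "-i") in_if = neg $(i + 1)
                else if ($i == "-o") out_if = neg $(i + 1)
                else if ($i == "-j") target = $(i + 1)
            }
            printf "%s %s in=%s out=%s target=%s\n", table, $2, in_if, out_if, target
        }
    '
}

# Constructed sample in iptables-save format (not output from the thread).
sample_dump() {
    cat <<'EOF'
# constructed sample
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT ! -o tun0 -p udp -m udp --dport 53 -j DROP
COMMIT
EOF
}

# On a real host (as root): iptables-save | summarize_rules
#                           ip6tables-save | summarize_rules
sample_dump | summarize_rules
```

Rules that print `in=any out=any` apply on every interface, physical and tunnel alike, which is the detail the plain `-L` listing hides.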