[tor-relays] Why is UFW bllocking allowed TOR traffic?

Jeff Odell jeff at jeffodell.com
Sun Jun 22 19:43:48 UTC 2014


I was monitoring UFW today and noticed that it was periodically blocking allowed TOR traffic.  any ideas why from those with more experience than I?


toradmin at IrvineTorExit:~$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22                         ALLOW       Anywhere
9001/tcp                   ALLOW       Anywhere
9030/tcp                   ALLOW       Anywhere
80                         ALLOW       Anywhere
22 (v6)                    ALLOW       Anywhere (v6)
9001/tcp (v6)              ALLOW       Anywhere (v6)
9030/tcp (v6)              ALLOW       Anywhere (v6)
80 (v6)                    ALLOW       Anywhere (v6)


toradmin at IrvineTorExit:~$ sudo tail -f /var/log/syslog | grep DPT=9001

Jun 22 15:38:12 IrvineTorExit kernel: [ 2159.246977] [UFW BLOCK] IN=eth0 OUT= MAC=04:01:1b:5e:9a:01:28:8a:1c:64:cf:f0:08:00 SRC=92.108.200.200 DST=188.226.199.250 LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=10392 DF PROTO=TCP SPT=52000 DPT=9001 WINDOW=16652 RES=0x00 ACK URGP=0
Jun 22 15:38:12 IrvineTorExit kernel: [ 2159.246988] [UFW BLOCK] IN=eth0 OUT= MAC=04:01:1b:5e:9a:01:28:8a:1c:64:cf:f0:08:00 SRC=92.108.200.200 DST=188.226.199.250 LEN=52 TOS=0x00 PREC=0x00 TTL=120 ID=10396 DF PROTO=TCP SPT=52000 DPT=9001 WINDOW=16652 RES=0x00 ACK URGP=0

Regards,
Jeff


More information about the tor-relays mailing list