Public bug reported:

I was playing around with a script to allow a firewall entry in ufw, but only for a certain amount of time. The way I was doing this is by creating the rule and then automatically creating an at job to delete it, and the user could select the time in minutes.

Everything is beautiful and wonderful with the script except for when you schedule two or more ufw deletes at the same time. If I do this, only one of them deletes. Even worse, my iptables "broke" and I could not delete rules even by resetting ufw; I kept getting this error:

    ERROR: initcaps [Errno 2] ip6tables: Chain already exists.

So I had to reset the iptables.

Here is the code that creates the job, in case it is any help to replicate:

    at -f <(echo "ufw delete allow from $1 to any port $2") now + $3 minutes

While I don't expect people to be creating jobs left and right at the exact same time, I have to account for that possibility and that it doesn't break the firewall when it happens.

I believe this bug has been around for more than a year or so, as stated here: https://bugs.launchpad.net/ubuntu/+source/ufw/+bug/1377600 and here: http://blog.cloud66.com/ufw-shenanigans/

I don't understand why this wasn't fixed yet. It seems like quite a serious issue; you never know when two sysadmins may run the same command at the same time, and if you have a lot of rules applied, the last thing you want is corrupted iptables.

** Affects: ufw (Ubuntu)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/1584293

Title:
  if two or more ufw commands are run at exactly the same time, ufw can break iptables
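A workaround sketch for the race described in this report, added here as an example (it is not the reporter's script and not ufw code): every ufw call, including the one queued with at, goes through one flock(1) lock so two runs cannot overlap, and the address and port are validated before they are written into a job that root will execute. It assumes that serializing the callers avoids the overlap; the lock path and the function names are this example's own.

```shell
#!/bin/sh
# Added example. FW_LOCK, FW_CMD and the function names are choices made
# for this sketch, not ufw options.
FW_LOCK="${FW_LOCK:-/run/ufw-serial.lock}"
FW_CMD="${FW_CMD:-ufw}"

# Run "$FW_CMD <args>" while holding an exclusive lock on $FW_LOCK.
# Waits up to 60 s for the current holder; on timeout flock exits non-zero
# and the command is not run.
fw_locked() {
    flock -w 60 "$FW_LOCK" "$FW_CMD" "$@"
}

# Print the command line for the at job that deletes a temporary rule.
# $1 = source address, $2 = port. Both end up in a shell command run by
# root, so anything outside a strict character set is rejected.
build_delete_cmd() {
    case "$1" in
        ''|*[!0-9A-Fa-f:./]*) echo "bad source: $1" >&2; return 1 ;;
    esac
    case "$2" in
        ''|*[!0-9]*) echo "bad port: $2" >&2; return 1 ;;
    esac
    [ "$2" -ge 1 ] && [ "$2" -le 65535 ] || { echo "bad port: $2" >&2; return 1; }
    printf 'flock -w 60 %s %s delete allow from %s to any port %s\n' \
        "$FW_LOCK" "$FW_CMD" "$1" "$2"
}

# Add the rule now and queue its removal. $3 = lifetime in minutes.
temp_allow() {
    case "$3" in ''|*[!0-9]*) echo "bad minutes: $3" >&2; return 1 ;; esac
    cmd=$(build_delete_cmd "$1" "$2") || return 1
    fw_locked allow from "$1" to any port "$2" || return 1
    printf '%s\n' "$cmd" | at now + "$3" minutes
}
```

The lock only covers callers that go through it; a ufw command typed directly by another administrator at the same moment is not serialized.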