Why does ufw always block the SCTP protocol, regardless of what rules I have?

1

ufw seems to always block the SCTP protocol whatever rules I have set up:

For example, running enabled even with no rules:

    ufw reset
    ufw default allow incoming
    ufw enable

I still see SCTP blocked

    tail -f /var/log/syslog | grep BLOCK
    Jan 15 20:34:38 localhost kernel: [496837.640863] [UFW BLOCK] IN=enp1s0f1 OUT= MAC=ec:0d:9a:9e:b2:2f:ec:0d:9a:c0:01:0d:08:00 SRC=192.168.139.1 DST=192.168.20.2 LEN=80 TOS=0x1A PREC=0xA0 TTL=63 ID=16 DF PROTO=132
    Jan 15 20:34:44 localhost kernel: [496844.220995] [UFW BLOCK] IN=enp1s0f1 OUT= MAC=ec:0d:9a:9e:b2:2f:ec:0d:9a:c0:01:0d:08:00 SRC=192.168.139.1 DST=192.168.20.2 LEN=52 TOS=0x1A PREC=0xA0 TTL=63 ID=17 DF PROTO=132

rupello

Posted 2019-01-15T20:37:28.510

Reputation: 450

1 Are you using NAPT? – Ron Maupin – 2019-01-15T20:40:37.073

@RonMaupin Not as far as I know - SCTP is coming into my network via an IPSEC VPN (StrongSwan) – rupello – 2019-01-15T20:44:29.940

2 Didn't find a solution to this as it seems ufw simply does not support sctp - I switched to using iptables rules directly – rupello – 2019-01-15T22:13:48.460

No answers