summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJate Sujjavanich <jatedev@gmail.com>2021-07-23 04:17:24 +0000
committerArmin Kuster <akuster808@gmail.com>2021-07-24 10:48:10 -0700
commitda09c4c74344a339dfda670650381e6cf219bed7 (patch)
treed87e9dbe9c3162a836f2e03fd346e6fbfeb8402e
parent5eff5262e3890ccef11f9fa4bbc81963c0889da2 (diff)
downloadmeta-openembedded-da09c4c74344a339dfda670650381e6cf219bed7.tar.gz
ufw: backport patches, update RRECOMMENDS, python3 support, tests
Backport patches: using conntrack instead of state eliminating warning support setup.py build (python 3) adjust runtime tests to use daytime port (netbase changes) empty out IPT_MODULES (nf conntrack warning) check-requirements patch for python 3.8 Update, add patches for python 3 interpreter Add ufw-test package. Backport fixes for check-requirements script Update kernel RRECOMMENDS for linux-yocto 5.4 in dunfell For dunfell Signed-off-by: Jate Sujjavanich <jatedev@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat
-rw-r--r--meta-networking/recipes-connectivity/ufw/ufw/0006-check-requirements-get-error.patch36
-rw-r--r--meta-networking/recipes-connectivity/ufw/ufw/0007-use-conntrack-instead-of-state-module.patch14903
-rw-r--r--meta-networking/recipes-connectivity/ufw/ufw/0008-support-.-setup.py-build-LP-819600.patch93
-rw-r--r--meta-networking/recipes-connectivity/ufw/ufw/0009-adjust-runtime-tests-to-use-daytime-port.patch2895
-rw-r--r--meta-networking/recipes-connectivity/ufw/ufw/0010-empty-out-IPT_MODULES-and-update-documentation.patch106
-rw-r--r--meta-networking/recipes-connectivity/ufw/ufw/0011-tests-check-requirements--simplify-and-support-python-3.8.patch33
-rw-r--r--meta-networking/recipes-connectivity/ufw/ufw/Add-code-to-detect-openembedded-python-interpreter.patch33
-rw-r--r--meta-networking/recipes-connectivity/ufw/ufw/setup-only-make-one-reference-to-env.patch14
-rw-r--r--meta-networking/recipes-connectivity/ufw/ufw_0.33.bb49
9 files changed, 18155 insertions, 7 deletions
diff --git a/meta-networking/recipes-connectivity/ufw/ufw/0006-check-requirements-get-error.patch b/meta-networking/recipes-connectivity/ufw/ufw/0006-check-requirements-get-error.patch
new file mode 100644
index 000000000..9c268599f
--- /dev/null
+++ b/meta-networking/recipes-connectivity/ufw/ufw/0006-check-requirements-get-error.patch
@@ -0,0 +1,36 @@
1 * check-requirements now gives iptables output on failure. Patch thanks to
2 S. Nizio.
3
4Written by Jamie Strandboge <jamie@canonical.com>
5
6The patch was imported from git://git.launchpad.net/ufw
7commit id 9a6d8beb4cb1d1646c7d2a19e4aea9898f4571bb
8
9Removed ChangeLog patch due to backport status of this patch.
10
11Upstream-Status: Backport
12Signed-off-by: Jate Sujjavanich <jatedev@gmail.com>
13
14--- check-requirements.orig 2012-12-03 16:37:20.214274095 +0100
15+++ ufw-0.33/tests/check-requirements 2012-12-03 16:40:16.298728133 +0100
16@@ -29,14 +29,19 @@
17 runtime="yes"
18 shift 1
19 fi
20- if $@ >/dev/null 2>&1 ; then
21+ local output ret=0
22+ # make sure to always return success below because of set -e
23+ output=$( "$@" 2>&1 ) || ret=$?
24+ if [ $ret -eq 0 ]; then
25 echo pass
26 else
27 if [ "$runtime" = "yes" ]; then
28 echo "FAIL (no runtime support)"
29+ echo "error was: $output"
30 error_runtime="yes"
31 else
32 echo FAIL
33+ echo "error was: $output"
34 error="yes"
35 fi
36 fi
diff --git a/meta-networking/recipes-connectivity/ufw/ufw/0007-use-conntrack-instead-of-state-module.patch b/meta-networking/recipes-connectivity/ufw/ufw/0007-use-conntrack-instead-of-state-module.patch
new file mode 100644
index 000000000..7a97773de
--- /dev/null
+++ b/meta-networking/recipes-connectivity/ufw/ufw/0007-use-conntrack-instead-of-state-module.patch
@@ -0,0 +1,14903 @@
1use conntrack instead of state module. Patch based on work by S. Nizio.
2
3https://bugs.launchpad.net/ufw/+bug/1065297
4
5The patch was imported from git://git.launchpad.net/ufw
6commit id 2a24ab2c46a1370d230d380a7b794ac3f8296799
7
8Removed ChangeLog patch due to backport status of this patch.
9
10Upstream-Status: Backport
11Signed-off-by: Jate Sujjavanich <jatedev@gmail.com>
12
13diff --git a/README b/README
14index 0cc2b2f..fead7c0 100644
15--- a/README
16+++ b/README
17@@ -24,13 +24,14 @@ Linux kernel configured with the following modules (not exhaustive):
18 limit
19 multiport
20 recent
21- state
22-
23-* python2.5 is no longer supported
24-** Systems with iptables below 1.4 will not have IPv6 application rule support.
25- ufw will give a warning when users try to use this functionality, but ufw
26- will otherwise work fine. ufw is known to work with iptables 1.3.8 in this
27- degraded mode.
28+ conntrack***
29+
30+* python2.5 is no longer supported
31+** Systems with iptables below 1.4 will not have IPv6 application rule
32+ support. ufw will give a warning when users try to use this functionality,
33+ but ufw will otherwise work fine. ufw is known to work with iptables 1.3.8
34+ in this degraded mode.
35+*** As of 0.34, the 'conntrack' modules is used instead of 'state'
36
37 ufw has been widely tested on Linux 2.6.24 and higher kernels. You may also
38 use the check-requirements script in the tests/ directory to see if your
39diff --git a/conf/before.rules b/conf/before.rules
40index bc11f36..9917b87 100644
41--- a/conf/before.rules
42+++ b/conf/before.rules
43@@ -22,12 +22,12 @@
44 -A ufw-before-output -o lo -j ACCEPT
45
46 # quickly process packets for which we already have a connection
47--A ufw-before-input -m state --state RELATED,ESTABLISHED -j ACCEPT
48--A ufw-before-output -m state --state RELATED,ESTABLISHED -j ACCEPT
49+-A ufw-before-input -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
50+-A ufw-before-output -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
51
52 # drop INVALID packets (logs these in loglevel medium and higher)
53--A ufw-before-input -m state --state INVALID -j ufw-logging-deny
54--A ufw-before-input -m state --state INVALID -j DROP
55+-A ufw-before-input -m conntrack --ctstate INVALID -j ufw-logging-deny
56+-A ufw-before-input -m conntrack --ctstate INVALID -j DROP
57
58 # ok icmp codes
59 -A ufw-before-input -p icmp --icmp-type destination-unreachable -j ACCEPT
60diff --git a/conf/before6.rules b/conf/before6.rules
61index fb1a8f1..8b7e4ff 100644
62--- a/conf/before6.rules
63+++ b/conf/before6.rules
64@@ -34,16 +34,16 @@
65 -A ufw6-before-input -p icmpv6 --icmpv6-type router-advertisement -m hl --hl-eq 255 -j ACCEPT
66
67 # quickly process packets for which we already have a connection
68--A ufw6-before-input -m state --state RELATED,ESTABLISHED -j ACCEPT
69--A ufw6-before-output -m state --state RELATED,ESTABLISHED -j ACCEPT
70+-A ufw6-before-input -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
71+-A ufw6-before-output -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
72
73 # for multicast ping replies from link-local addresses (these don't have an
74 # associated connection and would otherwise be marked INVALID)
75 -A ufw6-before-input -p icmpv6 --icmpv6-type echo-reply -s fe80::/10 -j ACCEPT
76
77 # drop INVALID packets (logs these in loglevel medium and higher)
78--A ufw6-before-input -m state --state INVALID -j ufw6-logging-deny
79--A ufw6-before-input -m state --state INVALID -j DROP
80+-A ufw6-before-input -m conntrack --ctstate INVALID -j ufw6-logging-deny
81+-A ufw6-before-input -m conntrack --ctstate INVALID -j DROP
82
83 # ok icmp codes
84 -A ufw6-before-input -p icmpv6 --icmpv6-type destination-unreachable -j ACCEPT
85diff --git a/doc/ufw-framework.8 b/doc/ufw-framework.8
86index d9e3d5a..76403d6 100644
87--- a/doc/ufw-framework.8
88+++ b/doc/ufw-framework.8
89@@ -167,9 +167,9 @@ Edit #CONFIG_PREFIX#/ufw/sysctl.conf to have:
90 net.ipv4.ip_forward=1
91 .TP
92 Add to the *filter section of #CONFIG_PREFIX#/ufw/before.rules:
93- \-A ufw\-before\-forward \-m state \-\-state RELATED,ESTABLISHED \\
94- \-j ACCEPT
95- \-A ufw\-before\-forward \-m state \-\-state NEW \-i eth0 \\
96+ \-A ufw\-before\-forward \-m conntrack \\
97+ \-\-ctstate RELATED,ESTABLISHED \-j ACCEPT
98+ \-A ufw\-before\-forward \-m conntrack \-\-ctstate NEW \-i eth0 \\
99 \-d 10.0.0.2 \-p tcp \-\-dport 80 \-j ACCEPT
100 .TP
101 Add to the end of #CONFIG_PREFIX#/ufw/before.rules, after the *filter section:
102@@ -209,13 +209,13 @@ Edit #CONFIG_PREFIX#/ufw/sysctl.conf to have:
103 net.ipv4.ip_forward=1
104 .TP
105 Add to the *filter section of #CONFIG_PREFIX#/ufw/before.rules:
106- \-A ufw\-before\-forward \-m state \-\-state RELATED,ESTABLISHED \\
107- \-j ACCEPT
108+ \-A ufw\-before\-forward \-m conntrack \\
109+ \-\-ctstate RELATED,ESTABLISHED \-j ACCEPT
110
111- \-A ufw\-before\-forward \-i eth1 \-s 10.0.0.0/8 \-o eth0 \-m state \\
112- \-\-state NEW \-j ACCEPT
113+ \-A ufw\-before\-forward \-i eth1 \-s 10.0.0.0/8 \-o eth0 \\
114+ \-m conntrack \-\-ctstate NEW \-j ACCEPT
115
116- \-A ufw\-before\-forward \-m state \-\-state NEW \-i eth0 \\
117+ \-A ufw\-before\-forward \-m conntrack \-\-ctstate NEW \-i eth0 \\
118 \-d 10.0.0.2 \-p tcp \-\-dport 80 \-j ACCEPT
119
120 \-A ufw\-before\-forward \-o eth0 \-d 10.0.0.0/8 \-j REJECT
121diff --git a/locales/po/ufw.pot b/locales/po/ufw.pot
122index fc56838..dc4b8e9 100644
123--- a/locales/po/ufw.pot
124+++ b/locales/po/ufw.pot
125@@ -8,7 +8,7 @@ msgid ""
126 msgstr ""
127 "Project-Id-Version: PACKAGE VERSION\n"
128 "Report-Msgid-Bugs-To: \n"
129-"POT-Creation-Date: 2012-08-12 10:55-0500\n"
130+"POT-Creation-Date: 2012-12-03 14:33-0600\n"
131 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
132 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
133 "Language-Team: LANGUAGE <LL@li.org>\n"
134@@ -21,7 +21,7 @@ msgstr ""
135 msgid ": Need at least python 2.6)\n"
136 msgstr ""
137
138-#: src/ufw:109 src/frontend.py:575 src/frontend.py:877
139+#: src/ufw:109 src/frontend.py:577 src/frontend.py:879
140 msgid "Aborted"
141 msgstr ""
142
143@@ -103,7 +103,7 @@ msgstr ""
144 msgid "New profiles:"
145 msgstr ""
146
147-#: src/backend_iptables.py:88 src/backend.py:322
148+#: src/backend_iptables.py:88 src/backend.py:339
149 #, python-format
150 msgid "Unsupported policy '%s'"
151 msgstr ""
152@@ -130,44 +130,44 @@ msgstr ""
153 msgid "Checking raw ip6tables\n"
154 msgstr ""
155
156-#: src/backend_iptables.py:250
157+#: src/backend_iptables.py:253
158 msgid "Checking iptables\n"
159 msgstr ""
160
161-#: src/backend_iptables.py:252
162+#: src/backend_iptables.py:255
163 msgid "Checking ip6tables\n"
164 msgstr ""
165
166-#: src/backend_iptables.py:255 src/backend_iptables.py:495
167+#: src/backend_iptables.py:258 src/backend_iptables.py:501
168 msgid "problem running"
169 msgstr ""
170
171-#: src/backend_iptables.py:261
172+#: src/backend_iptables.py:264
173 msgid "Status: inactive"
174 msgstr ""
175
176-#: src/backend_iptables.py:397
177+#: src/backend_iptables.py:400
178 msgid "To"
179 msgstr ""
180
181-#: src/backend_iptables.py:398
182+#: src/backend_iptables.py:401
183 msgid "From"
184 msgstr ""
185
186-#: src/backend_iptables.py:399
187+#: src/backend_iptables.py:402
188 msgid "Action"
189 msgstr ""
190
191-#: src/backend_iptables.py:415
192+#: src/backend_iptables.py:418
193 msgid "\n"
194 msgstr ""
195
196-#: src/backend_iptables.py:423
197+#: src/backend_iptables.py:426
198 #, python-format
199 msgid "Default: %(in)s (incoming), %(out)s (outgoing)"
200 msgstr ""
201
202-#: src/backend_iptables.py:427
203+#: src/backend_iptables.py:430
204 #, python-format
205 msgid ""
206 "Status: active\n"
207@@ -176,174 +176,174 @@ msgid ""
208 "%(app)s%(status)s"
209 msgstr ""
210
211-#: src/backend_iptables.py:431
212+#: src/backend_iptables.py:434
213 #, python-format
214 msgid "Status: active%s"
215 msgstr ""
216
217-#: src/backend_iptables.py:436 src/backend_iptables.py:446
218+#: src/backend_iptables.py:439 src/backend_iptables.py:449
219 msgid "running ufw-init"
220 msgstr ""
221
222-#: src/backend_iptables.py:440 src/backend_iptables.py:450
223+#: src/backend_iptables.py:443 src/backend_iptables.py:453
224 #, python-format
225 msgid ""
226 "problem running ufw-init\n"
227 "%s"
228 msgstr ""
229
230-#: src/backend_iptables.py:459
231+#: src/backend_iptables.py:462
232 msgid "Could not set LOGLEVEL"
233 msgstr ""
234
235-#: src/backend_iptables.py:465
236+#: src/backend_iptables.py:468
237 msgid "Could not load logging rules"
238 msgstr ""
239
240-#: src/backend_iptables.py:617 src/backend.py:229
241+#: src/backend_iptables.py:623 src/backend.py:246
242 #, python-format
243 msgid "Couldn't open '%s' for reading"
244 msgstr ""
245
246-#: src/backend_iptables.py:626
247+#: src/backend_iptables.py:632
248 #, python-format
249 msgid "Skipping malformed tuple (bad length): %s"
250 msgstr ""
251
252-#: src/backend_iptables.py:657
253+#: src/backend_iptables.py:663
254 #, python-format
255 msgid "Skipping malformed tuple: %s"
256 msgstr ""
257
258-#: src/backend_iptables.py:679 src/backend.py:260
259+#: src/backend_iptables.py:685 src/backend.py:277
260 #, python-format
261 msgid "'%s' is not writable"
262 msgstr ""
263
264-#: src/backend_iptables.py:837
265+#: src/backend_iptables.py:850
266 msgid "Adding IPv6 rule failed: IPv6 not enabled"
267 msgstr ""
268
269-#: src/backend_iptables.py:841
270+#: src/backend_iptables.py:854
271 #, python-format
272 msgid "Skipping unsupported IPv6 '%s' rule"
273 msgstr ""
274
275-#: src/backend_iptables.py:845
276+#: src/backend_iptables.py:858
277 #, python-format
278 msgid "Skipping unsupported IPv4 '%s' rule"
279 msgstr ""
280
281-#: src/backend_iptables.py:848
282+#: src/backend_iptables.py:861
283 msgid "Must specify 'tcp' or 'udp' with multiple ports"
284 msgstr ""
285
286-#: src/backend_iptables.py:860
287+#: src/backend_iptables.py:873
288 msgid "Skipping IPv6 application rule. Need at least iptables 1.4"
289 msgstr ""
290
291-#: src/backend_iptables.py:865
292+#: src/backend_iptables.py:878
293 #, python-format
294 msgid "Invalid position '%d'"
295 msgstr ""
296
297-#: src/backend_iptables.py:869
298+#: src/backend_iptables.py:882
299 msgid "Cannot specify insert and delete"
300 msgstr ""
301
302-#: src/backend_iptables.py:872
303+#: src/backend_iptables.py:885
304 #, python-format
305 msgid "Cannot insert rule at position '%d'"
306 msgstr ""
307
308-#: src/backend_iptables.py:930
309+#: src/backend_iptables.py:943
310 msgid "Skipping inserting existing rule"
311 msgstr ""
312
313-#: src/backend_iptables.py:941 src/frontend.py:386
314+#: src/backend_iptables.py:954 src/frontend.py:388
315 msgid "Could not delete non-existent rule"
316 msgstr ""
317
318-#: src/backend_iptables.py:946
319+#: src/backend_iptables.py:959
320 msgid "Skipping adding existing rule"
321 msgstr ""
322
323-#: src/backend_iptables.py:962
324+#: src/backend_iptables.py:975
325 msgid "Couldn't update rules file"
326 msgstr ""
327
328-#: src/backend_iptables.py:967
329+#: src/backend_iptables.py:980
330 msgid "Rules updated"
331 msgstr ""
332
333-#: src/backend_iptables.py:969
334+#: src/backend_iptables.py:982
335 msgid "Rules updated (v6)"
336 msgstr ""
337
338-#: src/backend_iptables.py:977
339+#: src/backend_iptables.py:990
340 msgid "Rule inserted"
341 msgstr ""
342
343-#: src/backend_iptables.py:979
344+#: src/backend_iptables.py:992
345 msgid "Rule updated"
346 msgstr ""
347
348-#: src/backend_iptables.py:989
349+#: src/backend_iptables.py:1002
350 msgid " (skipped reloading firewall)"
351 msgstr ""
352
353-#: src/backend_iptables.py:992
354+#: src/backend_iptables.py:1005
355 msgid "Rule deleted"
356 msgstr ""
357
358-#: src/backend_iptables.py:995
359+#: src/backend_iptables.py:1008
360 msgid "Rule added"
361 msgstr ""
362
363-#: src/backend_iptables.py:1010 src/backend_iptables.py:1098
364+#: src/backend_iptables.py:1023 src/backend_iptables.py:1114
365 msgid "Could not update running firewall"
366 msgstr ""
367
368-#: src/backend_iptables.py:1065
369+#: src/backend_iptables.py:1078
370 #, python-format
371 msgid "Could not perform '%s'"
372 msgstr ""
373
374-#: src/backend_iptables.py:1089
375+#: src/backend_iptables.py:1105
376 msgid "Couldn't update rules file for logging"
377 msgstr ""
378
379-#: src/backend_iptables.py:1147 src/backend.py:578
380+#: src/backend_iptables.py:1163 src/backend.py:595
381 #, python-format
382 msgid "Invalid log level '%s'"
383 msgstr ""
384
385-#: src/backend_iptables.py:1244
386+#: src/backend_iptables.py:1260
387 #, python-format
388 msgid "Could not find '%s'. Aborting"
389 msgstr ""
390
391-#: src/backend_iptables.py:1256
392+#: src/backend_iptables.py:1272
393 #, python-format
394 msgid "'%s' already exists. Aborting"
395 msgstr ""
396
397-#: src/backend_iptables.py:1262
398+#: src/backend_iptables.py:1278
399 #, python-format
400 msgid "Backing up '%(old)s' to '%(new)s'\n"
401 msgstr ""
402
403-#: src/backend_iptables.py:1278 src/backend.py:185
404+#: src/backend_iptables.py:1294 src/backend.py:202
405 #, python-format
406 msgid "Couldn't stat '%s'"
407 msgstr ""
408
409-#: src/backend_iptables.py:1283
410+#: src/backend_iptables.py:1299
411 #, python-format
412 msgid "WARN: '%s' is world writable"
413 msgstr ""
414
415-#: src/backend_iptables.py:1285
416+#: src/backend_iptables.py:1301
417 #, python-format
418 msgid "WARN: '%s' is world readable"
419 msgstr ""
420@@ -352,102 +352,102 @@ msgstr ""
421 msgid "Couldn't determine iptables version"
422 msgstr ""
423
424-#: src/backend.py:138
425+#: src/backend.py:155
426 msgid "Checks disabled"
427 msgstr ""
428
429-#: src/backend.py:144
430+#: src/backend.py:161
431 msgid "ERROR: this script should not be SUID"
432 msgstr ""
433
434-#: src/backend.py:147
435+#: src/backend.py:164
436 msgid "ERROR: this script should not be SGID"
437 msgstr ""
438
439-#: src/backend.py:152
440+#: src/backend.py:169
441 msgid "You need to be root to run this script"
442 msgstr ""
443
444-#: src/backend.py:162
445+#: src/backend.py:179
446 #, python-format
447 msgid "'%s' does not exist"
448 msgstr ""
449
450-#: src/backend.py:191
451+#: src/backend.py:208
452 #, python-format
453 msgid "uid is %(uid)s but '%(path)s' is owned by %(st_uid)s"
454 msgstr ""
455
456-#: src/backend.py:198
457+#: src/backend.py:215
458 #, python-format
459 msgid "%s is world writable!"
460 msgstr ""
461
462-#: src/backend.py:202
463+#: src/backend.py:219
464 #, python-format
465 msgid "%s is group writable!"
466 msgstr ""
467
468-#: src/backend.py:218
469+#: src/backend.py:235
470 #, python-format
471 msgid "'%(f)s' file '%(name)s' does not exist"
472 msgstr ""
473
474-#: src/backend.py:243
475+#: src/backend.py:260
476 #, python-format
477 msgid "Missing policy for '%s'"
478 msgstr ""
479
480-#: src/backend.py:247
481+#: src/backend.py:264
482 #, python-format
483 msgid "Invalid policy '%(policy)s' for '%(chain)s'"
484 msgstr ""
485
486-#: src/backend.py:254
487+#: src/backend.py:271
488 msgid "Invalid option"
489 msgstr ""
490
491-#: src/backend.py:325
492+#: src/backend.py:342
493 #, python-format
494 msgid "Default application policy changed to '%s'"
495 msgstr ""
496
497-#: src/backend.py:407
498+#: src/backend.py:424
499 msgid "No rules found for application profile"
500 msgstr ""
501
502-#: src/backend.py:466
503+#: src/backend.py:483
504 #, python-format
505 msgid "Rules updated for profile '%s'"
506 msgstr ""
507
508-#: src/backend.py:472
509+#: src/backend.py:489
510 msgid "Couldn't update application rules"
511 msgstr ""
512
513-#: src/backend.py:494
514+#: src/backend.py:511
515 #, python-format
516 msgid "Found multiple matches for '%s'. Please use exact profile name"
517 msgstr ""
518
519-#: src/backend.py:496
520+#: src/backend.py:513
521 #, python-format
522 msgid "Could not find a profile matching '%s'"
523 msgstr ""
524
525-#: src/backend.py:562
526+#: src/backend.py:579
527 msgid "Logging: "
528 msgstr ""
529
530-#: src/backend.py:566
531+#: src/backend.py:583
532 msgid "unknown"
533 msgstr ""
534
535-#: src/backend.py:596
536+#: src/backend.py:613
537 msgid "Logging disabled"
538 msgstr ""
539
540-#: src/backend.py:598
541+#: src/backend.py:615
542 msgid "Logging enabled"
543 msgstr ""
544
545@@ -526,6 +526,7 @@ msgid ""
546 " %(limit)-31s add limit %(rule)s\n"
547 " %(delete)-31s delete %(urule)s\n"
548 " %(insert)-31s insert %(urule)s at %(number)s\n"
549+" %(reload)-31s reload firewall\n"
550 " %(reset)-31s reset firewall\n"
551 " %(status)-31s show firewall status\n"
552 " %(statusnum)-31s show firewall status as numbered list of %(rules)s\n"
553@@ -540,87 +541,87 @@ msgid ""
554 " %(appdefault)-31s set default application policy\n"
555 msgstr ""
556
557-#: src/frontend.py:160
558+#: src/frontend.py:162
559 msgid "n"
560 msgstr ""
561
562-#: src/frontend.py:161
563+#: src/frontend.py:163
564 msgid "y"
565 msgstr ""
566
567-#: src/frontend.py:162
568+#: src/frontend.py:164
569 msgid "yes"
570 msgstr ""
571
572-#: src/frontend.py:207
573+#: src/frontend.py:209
574 msgid "Firewall is active and enabled on system startup"
575 msgstr ""
576
577-#: src/frontend.py:214
578+#: src/frontend.py:216
579 msgid "Firewall stopped and disabled on system startup"
580 msgstr ""
581
582-#: src/frontend.py:265
583+#: src/frontend.py:267
584 msgid "Could not get listening status"
585 msgstr ""
586
587-#: src/frontend.py:326
588+#: src/frontend.py:328
589 msgid "Added user rules (see 'ufw status' for running firewall):"
590 msgstr ""
591
592-#: src/frontend.py:329
593+#: src/frontend.py:331
594 msgid ""
595 "\n"
596 "(None)"
597 msgstr ""
598
599-#: src/frontend.py:381 src/frontend.py:479 src/frontend.py:489
600+#: src/frontend.py:383 src/frontend.py:481 src/frontend.py:491
601 #, python-format
602 msgid "Invalid IP version '%s'"
603 msgstr ""
604
605-#: src/frontend.py:412
606+#: src/frontend.py:414
607 msgid "Invalid position '"
608 msgstr ""
609
610-#: src/frontend.py:486
611+#: src/frontend.py:488
612 msgid "IPv6 support not enabled"
613 msgstr ""
614
615-#: src/frontend.py:497
616+#: src/frontend.py:499
617 msgid "Rule changed after normalization"
618 msgstr ""
619
620-#: src/frontend.py:521
621+#: src/frontend.py:523
622 #, python-format
623 msgid "Could not back out rule '%s'"
624 msgstr ""
625
626-#: src/frontend.py:525
627+#: src/frontend.py:527
628 msgid ""
629 "\n"
630 "Error applying application rules."
631 msgstr ""
632
633-#: src/frontend.py:527
634+#: src/frontend.py:529
635 msgid " Some rules could not be unapplied."
636 msgstr ""
637
638-#: src/frontend.py:529
639+#: src/frontend.py:531
640 msgid " Attempted rules successfully unapplied."
641 msgstr ""
642
643-#: src/frontend.py:540
644+#: src/frontend.py:542
645 #, python-format
646 msgid "Could not find rule '%s'"
647 msgstr ""
648
649-#: src/frontend.py:545 src/frontend.py:550
650+#: src/frontend.py:547 src/frontend.py:552
651 #, python-format
652 msgid "Could not find rule '%d'"
653 msgstr ""
654
655-#: src/frontend.py:562
656+#: src/frontend.py:564
657 #, python-format
658 msgid ""
659 "Deleting:\n"
660@@ -628,93 +629,93 @@ msgid ""
661 "Proceed with operation (%(yes)s|%(no)s)? "
662 msgstr ""
663
664-#: src/frontend.py:593
665+#: src/frontend.py:595
666 msgid "Unsupported default policy"
667 msgstr ""
668
669-#: src/frontend.py:622 src/frontend.py:767
670+#: src/frontend.py:624 src/frontend.py:769
671 msgid "Firewall reloaded"
672 msgstr ""
673
674-#: src/frontend.py:624
675+#: src/frontend.py:626
676 msgid "Firewall not enabled (skipping reload)"
677 msgstr ""
678
679-#: src/frontend.py:641 src/frontend.py:655 src/frontend.py:692
680+#: src/frontend.py:643 src/frontend.py:657 src/frontend.py:694
681 msgid "Invalid profile name"
682 msgstr ""
683
684-#: src/frontend.py:660 src/frontend.py:842
685+#: src/frontend.py:662 src/frontend.py:844
686 #, python-format
687 msgid "Unsupported action '%s'"
688 msgstr ""
689
690-#: src/frontend.py:679
691+#: src/frontend.py:681
692 msgid "Available applications:"
693 msgstr ""
694
695-#: src/frontend.py:700
696+#: src/frontend.py:702
697 #, python-format
698 msgid "Could not find profile '%s'"
699 msgstr ""
700
701-#: src/frontend.py:705
702+#: src/frontend.py:707
703 msgid "Invalid profile"
704 msgstr ""
705
706-#: src/frontend.py:708
707+#: src/frontend.py:710
708 #, python-format
709 msgid "Profile: %s\n"
710 msgstr ""
711
712-#: src/frontend.py:709
713+#: src/frontend.py:711
714 #, python-format
715 msgid "Title: %s\n"
716 msgstr ""
717
718-#: src/frontend.py:712
719+#: src/frontend.py:714
720 #, python-format
721 msgid ""
722 "Description: %s\n"
723 "\n"
724 msgstr ""
725
726-#: src/frontend.py:718
727+#: src/frontend.py:720
728 msgid "Ports:"
729 msgstr ""
730
731-#: src/frontend.py:720
732+#: src/frontend.py:722
733 msgid "Port:"
734 msgstr ""
735
736-#: src/frontend.py:769
737+#: src/frontend.py:771
738 msgid "Skipped reloading firewall"
739 msgstr ""
740
741-#: src/frontend.py:779
742+#: src/frontend.py:781
743 msgid "Cannot specify 'all' with '--add-new'"
744 msgstr ""
745
746-#: src/frontend.py:794
747+#: src/frontend.py:796
748 #, python-format
749 msgid "Unknown policy '%s'"
750 msgstr ""
751
752-#: src/frontend.py:851
753+#: src/frontend.py:853
754 #, python-format
755 msgid ""
756 "Command may disrupt existing ssh connections. Proceed with operation "
757 "(%(yes)s|%(no)s)? "
758 msgstr ""
759
760-#: src/frontend.py:864
761+#: src/frontend.py:866
762 #, python-format
763 msgid ""
764 "Resetting all rules to installed defaults. Proceed with operation (%(yes)s|"
765 "%(no)s)? "
766 msgstr ""
767
768-#: src/frontend.py:868
769+#: src/frontend.py:870
770 #, python-format
771 msgid ""
772 "Resetting all rules to installed defaults. This may disrupt existing ssh "
773diff --git a/setup.py b/setup.py
774index 6fb3751..1685401 100644
775--- a/setup.py
776+++ b/setup.py
777@@ -35,7 +35,7 @@ import sys
778 import shutil
779 import subprocess
780
781-ufw_version = '0.33'
782+ufw_version = '0.34'
783
784 def cmd(command):
785 '''Try to execute the given command.'''
786diff --git a/src/backend_iptables.py b/src/backend_iptables.py
787index 76d8515..478e35c 100644
788--- a/src/backend_iptables.py
789+++ b/src/backend_iptables.py
790@@ -564,7 +564,7 @@ class UFWBackendIptables(ufw.backend.UFWBackend):
791 lstr = '%s -j LOG --log-prefix "[UFW %s] "' % (limit_args, \
792 policy)
793 if not pat_logall.search(s):
794- lstr = '-m state --state NEW ' + lstr
795+ lstr = '-m conntrack --ctstate NEW ' + lstr
796 snippets[i] = pat_log.sub(r'\1-j \2\4', s)
797 snippets.insert(i, pat_log.sub(r'\1-j ' + prefix + \
798 '-user-logging-' + suffix, s))
799@@ -580,9 +580,9 @@ class UFWBackendIptables(ufw.backend.UFWBackend):
800 pat_limit = re.compile(r' -j LIMIT')
801 for i, s in enumerate(snippets):
802 if pat_limit.search(s):
803- tmp1 = pat_limit.sub(' -m state --state NEW -m recent --set', \
804+ tmp1 = pat_limit.sub(' -m conntrack --ctstate NEW -m recent --set', \
805 s)
806- tmp2 = pat_limit.sub(' -m state --state NEW -m recent' + \
807+ tmp2 = pat_limit.sub(' -m conntrack --ctstate NEW -m recent' + \
808 ' --update --seconds 30 --hitcount 6' + \
809 ' -j ' + prefix + '-user-limit', s)
810 tmp3 = pat_limit.sub(' -j ' + prefix + '-user-limit-accept', s)
811@@ -1212,12 +1212,12 @@ class UFWBackendIptables(ufw.backend.UFWBackend):
812 prefix = "[UFW BLOCK] "
813 if self.loglevels[level] < self.loglevels["medium"]:
814 # only log INVALID in medium and higher
815- rules_t.append([c, ['-I', c, '-m', 'state', \
816- '--state', 'INVALID', \
817+ rules_t.append([c, ['-I', c, '-m', 'conntrack', \
818+ '--ctstate', 'INVALID', \
819 '-j', 'RETURN'] + largs, ''])
820 else:
821- rules_t.append([c, ['-A', c, '-m', 'state', \
822- '--state', 'INVALID', \
823+ rules_t.append([c, ['-A', c, '-m', 'conntrack', \
824+ '--ctstate', 'INVALID', \
825 '-j', 'LOG', \
826 '--log-prefix', \
827 "[UFW AUDIT INVALID] "] + \
828@@ -1236,7 +1236,7 @@ class UFWBackendIptables(ufw.backend.UFWBackend):
829
830 # loglevel medium logs all new packets with limit
831 if self.loglevels[level] < self.loglevels["high"]:
832- largs = ['-m', 'state', '--state', 'NEW'] + limit_args
833+ largs = ['-m', 'conntrack', '--ctstate', 'NEW'] + limit_args
834
835 prefix = "[UFW AUDIT] "
836 for c in self.chains['before']:
837diff --git a/src/ufw-init-functions b/src/ufw-init-functions
838index f4783e7..c5e0319 100755
839--- a/src/ufw-init-functions
840+++ b/src/ufw-init-functions
841@@ -251,15 +251,15 @@ ufw_start() {
842 # add tracking policy
843 if [ "$DEFAULT_INPUT_POLICY" = "ACCEPT" ]; then
844 printf "*filter\n"\
845-"-A ufw${type}-track-input -p tcp -m state --state NEW -j ACCEPT\n"\
846-"-A ufw${type}-track-input -p udp -m state --state NEW -j ACCEPT\n"\
847+"-A ufw${type}-track-input -p tcp -m conntrack --ctstate NEW -j ACCEPT\n"\
848+"-A ufw${type}-track-input -p udp -m conntrack --ctstate NEW -j ACCEPT\n"\
849 "COMMIT\n" | $exe-restore -n || error="yes"
850 fi
851
852 if [ "$DEFAULT_OUTPUT_POLICY" = "ACCEPT" ]; then
853 printf "*filter\n"\
854-"-A ufw${type}-track-output -p tcp -m state --state NEW -j ACCEPT\n"\
855-"-A ufw${type}-track-output -p udp -m state --state NEW -j ACCEPT\n"\
856+"-A ufw${type}-track-output -p tcp -m conntrack --ctstate NEW -j ACCEPT\n"\
857+"-A ufw${type}-track-output -p udp -m conntrack --ctstate NEW -j ACCEPT\n"\
858 "COMMIT\n" | $exe-restore -n || error="yes"
859 fi
860
861diff --git a/src/util.py b/src/util.py
862index fe9cd5c..bf0a6f6 100644
863--- a/src/util.py
864+++ b/src/util.py
865@@ -737,12 +737,12 @@ def get_netfilter_capabilities(exe="/sbin/iptables"):
866 # the stuff we know isn't supported everywhere but we want to support.
867
868 # recent-set
869- if test_cap(exe, chain, ['-m', 'state', '--state', 'NEW', \
870+ if test_cap(exe, chain, ['-m', 'conntrack', '--ctstate', 'NEW', \
871 '-m', 'recent', '--set']):
872 caps.append('recent-set')
873
874 # recent-update
875- if test_cap(exe, chain, ['-m', 'state', '--state', 'NEW', \
876+ if test_cap(exe, chain, ['-m', 'conntrack', '--ctstate', 'NEW', \
877 '-m', 'recent', '--update', \
878 '--seconds', '30', \
879 '--hitcount', '6']):
880diff --git a/tests/bugs/rules/result b/tests/bugs/rules/result
881index af2879a..396ff4c 100644
882--- a/tests/bugs/rules/result
883+++ b/tests/bugs/rules/result
884@@ -28,7 +28,7 @@ WARN: Checks disabled
885 ### LOGGING ###
886 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
887 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
888--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
889+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
890 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
891 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
892 ### END LOGGING ###
893@@ -73,7 +73,7 @@ WARN: Checks disabled
894 ### LOGGING ###
895 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
896 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
897--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
898+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
899 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
900 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
901 ### END LOGGING ###
902diff --git a/tests/check-requirements b/tests/check-requirements
903index 613a3c8..ffbe9fc 100755
904--- a/tests/check-requirements
905+++ b/tests/check-requirements
906@@ -172,24 +172,24 @@ for i in "" 6; do
907 done
908
909 echo -n "hashlimit: "
910- runcmd $exe -A $c -m hashlimit -m tcp -p tcp --dport 22 --hashlimit 1/min --hashlimit-mode srcip --hashlimit-name ssh -m state --state NEW -j ACCEPT
911+ runcmd $exe -A $c -m hashlimit -m tcp -p tcp --dport 22 --hashlimit 1/min --hashlimit-mode srcip --hashlimit-name ssh -m conntrack --ctstate NEW -j ACCEPT
912
913 echo -n "limit: "
914 runcmd $exe -A $c -m limit --limit 3/min --limit-burst 10 -j ACCEPT
915
916 for j in NEW RELATED ESTABLISHED INVALID; do
917 echo -n "state ($j): "
918- runcmd $exe -A $c -m state --state $j
919+ runcmd $exe -A $c -m conntrack --ctstate $j
920 done
921
922 echo -n "state (new, recent set): "
923- runcmd runtime $exe -A $c -m state --state NEW -m recent --set
924+ runcmd runtime $exe -A $c -m conntrack --ctstate NEW -m recent --set
925
926 echo -n "state (new, recent update): "
927- runcmd runtime $exe -A $c -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ACCEPT
928+ runcmd runtime $exe -A $c -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ACCEPT
929
930 echo -n "state (new, limit): "
931- runcmd $exe -A $c -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j ACCEPT
932+ runcmd $exe -A $c -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j ACCEPT
933
934 echo -n "interface (input): "
935 runcmd $exe -A $c -i eth0 -j ACCEPT
936diff --git a/tests/good/apps/result b/tests/good/apps/result
937index c6988b0..8b477c2 100644
938--- a/tests/good/apps/result
939+++ b/tests/good/apps/result
940@@ -717,7 +717,7 @@ WARN: Checks disabled
941 ### LOGGING ###
942 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
943 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
944--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
945+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
946 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
947 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
948 ### END LOGGING ###
949@@ -760,7 +760,7 @@ WARN: Checks disabled
950 ### LOGGING ###
951 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
952 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
953--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
954+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
955 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
956 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
957 ### END LOGGING ###
958@@ -803,7 +803,7 @@ WARN: Checks disabled
959 ### LOGGING ###
960 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
961 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
962--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
963+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
964 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
965 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
966 ### END LOGGING ###
967@@ -847,7 +847,7 @@ WARN: Checks disabled
968 ### LOGGING ###
969 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
970 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
971--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
972+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
973 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
974 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
975 ### END LOGGING ###
976@@ -890,7 +890,7 @@ WARN: Checks disabled
977 ### LOGGING ###
978 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
979 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
980--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
981+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
982 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
983 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
984 ### END LOGGING ###
985@@ -931,7 +931,7 @@ COMMIT
986 ### LOGGING ###
987 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
988 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
989--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
990+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
991 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
992 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
993 ### END LOGGING ###
994@@ -974,7 +974,7 @@ WARN: Checks disabled
995 ### LOGGING ###
996 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
997 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
998--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
999+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1000 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1001 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1002 ### END LOGGING ###
1003@@ -1017,7 +1017,7 @@ WARN: Checks disabled
1004 ### LOGGING ###
1005 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1006 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1007--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1008+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1009 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1010 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1011 ### END LOGGING ###
1012@@ -1060,7 +1060,7 @@ WARN: Checks disabled
1013 ### LOGGING ###
1014 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1015 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1016--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1017+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1018 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1019 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1020 ### END LOGGING ###
1021@@ -1103,7 +1103,7 @@ WARN: Checks disabled
1022 ### LOGGING ###
1023 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1024 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1025--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1026+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1027 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1028 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1029 ### END LOGGING ###
1030@@ -1146,7 +1146,7 @@ WARN: Checks disabled
1031 ### LOGGING ###
1032 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1033 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1034--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1035+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1036 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1037 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1038 ### END LOGGING ###
1039@@ -1189,7 +1189,7 @@ WARN: Checks disabled
1040 ### LOGGING ###
1041 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1042 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1043--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1044+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1045 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1046 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1047 ### END LOGGING ###
1048@@ -1232,7 +1232,7 @@ WARN: Checks disabled
1049 ### LOGGING ###
1050 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1051 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1052--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1053+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1054 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1055 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1056 ### END LOGGING ###
1057@@ -1276,7 +1276,7 @@ WARN: Checks disabled
1058 ### LOGGING ###
1059 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1060 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1061--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1062+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1063 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1064 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1065 ### END LOGGING ###
1066@@ -1319,7 +1319,7 @@ WARN: Checks disabled
1067 ### LOGGING ###
1068 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1069 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1070--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1071+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1072 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1073 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1074 ### END LOGGING ###
1075@@ -1360,7 +1360,7 @@ COMMIT
1076 ### LOGGING ###
1077 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1078 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1079--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1080+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1081 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1082 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1083 ### END LOGGING ###
1084@@ -1403,7 +1403,7 @@ WARN: Checks disabled
1085 ### LOGGING ###
1086 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1087 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1088--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1089+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1090 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1091 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1092 ### END LOGGING ###
1093@@ -1446,7 +1446,7 @@ WARN: Checks disabled
1094 ### LOGGING ###
1095 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1096 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1097--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1098+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1099 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1100 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1101 ### END LOGGING ###
1102@@ -1489,7 +1489,7 @@ WARN: Checks disabled
1103 ### LOGGING ###
1104 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1105 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1106--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1107+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1108 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1109 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1110 ### END LOGGING ###
1111@@ -1532,7 +1532,7 @@ WARN: Checks disabled
1112 ### LOGGING ###
1113 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1114 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1115--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1116+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1117 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1118 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1119 ### END LOGGING ###
1120@@ -1568,8 +1568,8 @@ WARN: Checks disabled
1121 ### RULES ###
1122
1123 ### tuple ### limit tcp 80 0.0.0.0/0 any 0.0.0.0/0 Apache - in
1124--A ufw-user-input -p tcp --dport 80 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache'
1125--A ufw-user-input -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
1126+-A ufw-user-input -p tcp --dport 80 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache'
1127+-A ufw-user-input -p tcp --dport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
1128 -A ufw-user-input -p tcp --dport 80 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache'
1129
1130 ### END RULES ###
1131@@ -1577,7 +1577,7 @@ WARN: Checks disabled
1132 ### LOGGING ###
1133 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1134 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1135--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1136+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1137 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1138 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1139 ### END LOGGING ###
1140@@ -1613,8 +1613,8 @@ WARN: Checks disabled
1141 ### RULES ###
1142
1143 ### tuple ### limit tcp 443 0.0.0.0/0 any 0.0.0.0/0 Apache%20Secure - in
1144--A ufw-user-input -p tcp --dport 443 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache%20Secure'
1145--A ufw-user-input -p tcp --dport 443 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Secure'
1146+-A ufw-user-input -p tcp --dport 443 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache%20Secure'
1147+-A ufw-user-input -p tcp --dport 443 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Secure'
1148 -A ufw-user-input -p tcp --dport 443 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache%20Secure'
1149
1150 ### END RULES ###
1151@@ -1622,7 +1622,7 @@ WARN: Checks disabled
1152 ### LOGGING ###
1153 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1154 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1155--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1156+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1157 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1158 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1159 ### END LOGGING ###
1160@@ -1658,8 +1658,8 @@ WARN: Checks disabled
1161 ### RULES ###
1162
1163 ### tuple ### limit tcp 80,443 0.0.0.0/0 any 0.0.0.0/0 Apache%20Full - in
1164--A ufw-user-input -p tcp -m multiport --dports 80,443 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache%20Full'
1165--A ufw-user-input -p tcp -m multiport --dports 80,443 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Full'
1166+-A ufw-user-input -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache%20Full'
1167+-A ufw-user-input -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Full'
1168 -A ufw-user-input -p tcp -m multiport --dports 80,443 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache%20Full'
1169
1170 ### END RULES ###
1171@@ -1667,7 +1667,7 @@ WARN: Checks disabled
1172 ### LOGGING ###
1173 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1174 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1175--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1176+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1177 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1178 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1179 ### END LOGGING ###
1180@@ -1703,11 +1703,11 @@ WARN: Checks disabled
1181 ### RULES ###
1182
1183 ### tuple ### limit any 53 0.0.0.0/0 any 0.0.0.0/0 Bind9 - in
1184--A ufw-user-input -p tcp --dport 53 -m state --state NEW -m recent --set -m comment --comment 'dapp_Bind9'
1185--A ufw-user-input -p tcp --dport 53 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9'
1186+-A ufw-user-input -p tcp --dport 53 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Bind9'
1187+-A ufw-user-input -p tcp --dport 53 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9'
1188 -A ufw-user-input -p tcp --dport 53 -j ufw-user-limit-accept -m comment --comment 'dapp_Bind9'
1189--A ufw-user-input -p udp --dport 53 -m state --state NEW -m recent --set -m comment --comment 'dapp_Bind9'
1190--A ufw-user-input -p udp --dport 53 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9'
1191+-A ufw-user-input -p udp --dport 53 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Bind9'
1192+-A ufw-user-input -p udp --dport 53 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9'
1193 -A ufw-user-input -p udp --dport 53 -j ufw-user-limit-accept -m comment --comment 'dapp_Bind9'
1194
1195 ### END RULES ###
1196@@ -1715,7 +1715,7 @@ WARN: Checks disabled
1197 ### LOGGING ###
1198 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1199 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1200--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1201+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1202 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1203 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1204 ### END LOGGING ###
1205@@ -1751,8 +1751,8 @@ WARN: Checks disabled
1206 ### RULES ###
1207
1208 ### tuple ### limit udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
1209--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
1210--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
1211+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
1212+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
1213 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
1214
1215 ### END RULES ###
1216@@ -1760,7 +1760,7 @@ WARN: Checks disabled
1217 ### LOGGING ###
1218 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1219 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1220--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1221+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1222 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1223 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1224 ### END LOGGING ###
1225@@ -1791,13 +1791,13 @@ COMMIT
1226 ### RULES ###
1227
1228 ### tuple ### limit udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
1229--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
1230--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
1231+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
1232+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
1233 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
1234
1235 ### tuple ### limit tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
1236--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
1237--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
1238+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
1239+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
1240 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
1241
1242 ### END RULES ###
1243@@ -1805,7 +1805,7 @@ COMMIT
1244 ### LOGGING ###
1245 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1246 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1247--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1248+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1249 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1250 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1251 ### END LOGGING ###
1252@@ -1841,8 +1841,8 @@ WARN: Checks disabled
1253 ### RULES ###
1254
1255 ### tuple ### limit udp 123 0.0.0.0/0 any 0.0.0.0/0 OpenNTPD - in
1256--A ufw-user-input -p udp --dport 123 -m state --state NEW -m recent --set -m comment --comment 'dapp_OpenNTPD'
1257--A ufw-user-input -p udp --dport 123 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_OpenNTPD'
1258+-A ufw-user-input -p udp --dport 123 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_OpenNTPD'
1259+-A ufw-user-input -p udp --dport 123 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_OpenNTPD'
1260 -A ufw-user-input -p udp --dport 123 -j ufw-user-limit-accept -m comment --comment 'dapp_OpenNTPD'
1261
1262 ### END RULES ###
1263@@ -1850,7 +1850,7 @@ WARN: Checks disabled
1264 ### LOGGING ###
1265 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1266 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1267--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1268+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1269 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1270 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1271 ### END LOGGING ###
1272@@ -1886,8 +1886,8 @@ WARN: Checks disabled
1273 ### RULES ###
1274
1275 ### tuple ### limit tcp 1234,5678 0.0.0.0/0 any 0.0.0.0/0 Multi%20TCP - in
1276--A ufw-user-input -p tcp -m multiport --dports 1234,5678 -m state --state NEW -m recent --set -m comment --comment 'dapp_Multi%20TCP'
1277--A ufw-user-input -p tcp -m multiport --dports 1234,5678 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Multi%20TCP'
1278+-A ufw-user-input -p tcp -m multiport --dports 1234,5678 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Multi%20TCP'
1279+-A ufw-user-input -p tcp -m multiport --dports 1234,5678 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Multi%20TCP'
1280 -A ufw-user-input -p tcp -m multiport --dports 1234,5678 -j ufw-user-limit-accept -m comment --comment 'dapp_Multi%20TCP'
1281
1282 ### END RULES ###
1283@@ -1895,7 +1895,7 @@ WARN: Checks disabled
1284 ### LOGGING ###
1285 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1286 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1287--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1288+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1289 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1290 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1291 ### END LOGGING ###
1292@@ -1931,8 +1931,8 @@ WARN: Checks disabled
1293 ### RULES ###
1294
1295 ### tuple ### limit udp 1234,5678 0.0.0.0/0 any 0.0.0.0/0 Multi%20UDP - in
1296--A ufw-user-input -p udp -m multiport --dports 1234,5678 -m state --state NEW -m recent --set -m comment --comment 'dapp_Multi%20UDP'
1297--A ufw-user-input -p udp -m multiport --dports 1234,5678 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Multi%20UDP'
1298+-A ufw-user-input -p udp -m multiport --dports 1234,5678 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Multi%20UDP'
1299+-A ufw-user-input -p udp -m multiport --dports 1234,5678 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Multi%20UDP'
1300 -A ufw-user-input -p udp -m multiport --dports 1234,5678 -j ufw-user-limit-accept -m comment --comment 'dapp_Multi%20UDP'
1301
1302 ### END RULES ###
1303@@ -1940,7 +1940,7 @@ WARN: Checks disabled
1304 ### LOGGING ###
1305 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1306 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1307--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1308+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1309 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1310 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1311 ### END LOGGING ###
1312@@ -1976,8 +1976,8 @@ WARN: Checks disabled
1313 ### RULES ###
1314
1315 ### tuple ### limit tcp 8080:8089 0.0.0.0/0 any 0.0.0.0/0 Custom%20Web%20App2 - in
1316--A ufw-user-input -p tcp -m multiport --dports 8080:8089 -m state --state NEW -m recent --set -m comment --comment 'dapp_Custom%20Web%20App2'
1317--A ufw-user-input -p tcp -m multiport --dports 8080:8089 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Custom%20Web%20App2'
1318+-A ufw-user-input -p tcp -m multiport --dports 8080:8089 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Custom%20Web%20App2'
1319+-A ufw-user-input -p tcp -m multiport --dports 8080:8089 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Custom%20Web%20App2'
1320 -A ufw-user-input -p tcp -m multiport --dports 8080:8089 -j ufw-user-limit-accept -m comment --comment 'dapp_Custom%20Web%20App2'
1321
1322 ### END RULES ###
1323@@ -1985,7 +1985,7 @@ WARN: Checks disabled
1324 ### LOGGING ###
1325 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1326 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1327--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1328+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1329 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1330 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1331 ### END LOGGING ###
1332@@ -2029,7 +2029,7 @@ WARN: Checks disabled
1333 ### LOGGING ###
1334 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1335 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1336--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1337+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1338 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1339 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1340 ### END LOGGING ###
1341@@ -2072,7 +2072,7 @@ WARN: Checks disabled
1342 ### LOGGING ###
1343 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1344 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1345--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1346+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1347 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1348 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1349 ### END LOGGING ###
1350@@ -2115,7 +2115,7 @@ WARN: Checks disabled
1351 ### LOGGING ###
1352 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1353 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1354--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1355+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1356 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1357 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1358 ### END LOGGING ###
1359@@ -2159,7 +2159,7 @@ WARN: Checks disabled
1360 ### LOGGING ###
1361 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1362 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1363--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1364+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1365 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1366 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1367 ### END LOGGING ###
1368@@ -2202,7 +2202,7 @@ WARN: Checks disabled
1369 ### LOGGING ###
1370 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1371 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1372--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1373+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1374 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1375 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1376 ### END LOGGING ###
1377@@ -2243,7 +2243,7 @@ COMMIT
1378 ### LOGGING ###
1379 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1380 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1381--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1382+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1383 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1384 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1385 ### END LOGGING ###
1386@@ -2286,7 +2286,7 @@ WARN: Checks disabled
1387 ### LOGGING ###
1388 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1389 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1390--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1391+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1392 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1393 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1394 ### END LOGGING ###
1395@@ -2329,7 +2329,7 @@ WARN: Checks disabled
1396 ### LOGGING ###
1397 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1398 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1399--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1400+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1401 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1402 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1403 ### END LOGGING ###
1404@@ -2372,7 +2372,7 @@ WARN: Checks disabled
1405 ### LOGGING ###
1406 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1407 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1408--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1409+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1410 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1411 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1412 ### END LOGGING ###
1413@@ -2415,7 +2415,7 @@ WARN: Checks disabled
1414 ### LOGGING ###
1415 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1416 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1417--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1418+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1419 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1420 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1421 ### END LOGGING ###
1422@@ -2458,7 +2458,7 @@ WARN: Checks disabled
1423 ### LOGGING ###
1424 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1425 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1426--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1427+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1428 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1429 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1430 ### END LOGGING ###
1431@@ -2501,7 +2501,7 @@ WARN: Checks disabled
1432 ### LOGGING ###
1433 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1434 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1435--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1436+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1437 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1438 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1439 ### END LOGGING ###
1440@@ -2545,7 +2545,7 @@ WARN: Checks disabled
1441 ### LOGGING ###
1442 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1443 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1444--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1445+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1446 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1447 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1448 ### END LOGGING ###
1449@@ -2588,7 +2588,7 @@ WARN: Checks disabled
1450 ### LOGGING ###
1451 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1452 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1453--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1454+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1455 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1456 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1457 ### END LOGGING ###
1458@@ -2629,7 +2629,7 @@ COMMIT
1459 ### LOGGING ###
1460 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1461 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1462--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1463+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1464 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1465 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1466 ### END LOGGING ###
1467@@ -2672,7 +2672,7 @@ WARN: Checks disabled
1468 ### LOGGING ###
1469 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1470 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1471--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1472+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1473 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1474 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1475 ### END LOGGING ###
1476@@ -2715,7 +2715,7 @@ WARN: Checks disabled
1477 ### LOGGING ###
1478 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1479 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1480--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1481+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1482 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1483 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1484 ### END LOGGING ###
1485@@ -2758,7 +2758,7 @@ WARN: Checks disabled
1486 ### LOGGING ###
1487 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1488 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1489--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1490+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1491 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1492 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1493 ### END LOGGING ###
1494@@ -2801,7 +2801,7 @@ WARN: Checks disabled
1495 ### LOGGING ###
1496 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1497 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1498--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1499+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1500 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1501 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1502 ### END LOGGING ###
1503@@ -2844,7 +2844,7 @@ WARN: Checks disabled
1504 ### LOGGING ###
1505 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1506 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1507--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1508+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1509 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1510 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1511 ### END LOGGING ###
1512@@ -2887,7 +2887,7 @@ WARN: Checks disabled
1513 ### LOGGING ###
1514 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1515 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1516--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1517+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1518 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1519 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1520 ### END LOGGING ###
1521@@ -2931,7 +2931,7 @@ WARN: Checks disabled
1522 ### LOGGING ###
1523 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1524 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1525--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1526+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1527 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1528 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1529 ### END LOGGING ###
1530@@ -2974,7 +2974,7 @@ WARN: Checks disabled
1531 ### LOGGING ###
1532 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1533 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1534--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1535+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1536 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1537 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1538 ### END LOGGING ###
1539@@ -3015,7 +3015,7 @@ COMMIT
1540 ### LOGGING ###
1541 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1542 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1543--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1544+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1545 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1546 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1547 ### END LOGGING ###
1548@@ -3058,7 +3058,7 @@ WARN: Checks disabled
1549 ### LOGGING ###
1550 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1551 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1552--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1553+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1554 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1555 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1556 ### END LOGGING ###
1557@@ -3101,7 +3101,7 @@ WARN: Checks disabled
1558 ### LOGGING ###
1559 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1560 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1561--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1562+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1563 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1564 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1565 ### END LOGGING ###
1566@@ -3144,7 +3144,7 @@ WARN: Checks disabled
1567 ### LOGGING ###
1568 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1569 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1570--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1571+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1572 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1573 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1574 ### END LOGGING ###
1575@@ -3187,7 +3187,7 @@ WARN: Checks disabled
1576 ### LOGGING ###
1577 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1578 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1579--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1580+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1581 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1582 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1583 ### END LOGGING ###
1584@@ -3230,7 +3230,7 @@ WARN: Checks disabled
1585 ### LOGGING ###
1586 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1587 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1588--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1589+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1590 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1591 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1592 ### END LOGGING ###
1593@@ -3273,7 +3273,7 @@ WARN: Checks disabled
1594 ### LOGGING ###
1595 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1596 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1597--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1598+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1599 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1600 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1601 ### END LOGGING ###
1602@@ -3317,7 +3317,7 @@ WARN: Checks disabled
1603 ### LOGGING ###
1604 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1605 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1606--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1607+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1608 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1609 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1610 ### END LOGGING ###
1611@@ -3360,7 +3360,7 @@ WARN: Checks disabled
1612 ### LOGGING ###
1613 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1614 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1615--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1616+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1617 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1618 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1619 ### END LOGGING ###
1620@@ -3401,7 +3401,7 @@ COMMIT
1621 ### LOGGING ###
1622 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1623 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1624--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1625+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1626 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1627 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1628 ### END LOGGING ###
1629@@ -3444,7 +3444,7 @@ WARN: Checks disabled
1630 ### LOGGING ###
1631 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1632 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1633--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1634+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1635 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1636 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1637 ### END LOGGING ###
1638@@ -3487,7 +3487,7 @@ WARN: Checks disabled
1639 ### LOGGING ###
1640 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1641 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1642--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1643+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1644 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1645 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1646 ### END LOGGING ###
1647@@ -3530,7 +3530,7 @@ WARN: Checks disabled
1648 ### LOGGING ###
1649 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1650 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1651--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1652+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1653 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1654 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1655 ### END LOGGING ###
1656@@ -3573,7 +3573,7 @@ WARN: Checks disabled
1657 ### LOGGING ###
1658 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1659 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1660--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1661+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1662 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1663 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1664 ### END LOGGING ###
1665@@ -3616,7 +3616,7 @@ WARN: Checks disabled
1666 ### LOGGING ###
1667 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1668 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1669--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1670+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1671 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1672 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1673 ### END LOGGING ###
1674@@ -3659,7 +3659,7 @@ WARN: Checks disabled
1675 ### LOGGING ###
1676 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1677 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1678--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1679+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1680 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1681 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1682 ### END LOGGING ###
1683@@ -3700,7 +3700,7 @@ COMMIT
1684 ### LOGGING ###
1685 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1686 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1687--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1688+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1689 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1690 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1691 ### END LOGGING ###
1692@@ -3743,7 +3743,7 @@ WARN: Checks disabled
1693 ### LOGGING ###
1694 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1695 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1696--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1697+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1698 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1699 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1700 ### END LOGGING ###
1701@@ -3784,7 +3784,7 @@ COMMIT
1702 ### LOGGING ###
1703 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1704 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1705--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1706+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1707 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1708 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1709 ### END LOGGING ###
1710@@ -3827,7 +3827,7 @@ WARN: Checks disabled
1711 ### LOGGING ###
1712 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1713 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1714--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1715+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1716 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1717 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1718 ### END LOGGING ###
1719@@ -3870,7 +3870,7 @@ WARN: Checks disabled
1720 ### LOGGING ###
1721 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1722 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1723--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1724+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1725 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1726 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1727 ### END LOGGING ###
1728@@ -3913,7 +3913,7 @@ WARN: Checks disabled
1729 ### LOGGING ###
1730 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1731 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1732--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1733+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1734 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1735 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1736 ### END LOGGING ###
1737@@ -3956,7 +3956,7 @@ WARN: Checks disabled
1738 ### LOGGING ###
1739 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1740 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1741--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1742+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1743 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1744 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1745 ### END LOGGING ###
1746@@ -3997,7 +3997,7 @@ COMMIT
1747 ### LOGGING ###
1748 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1749 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1750--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1751+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1752 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1753 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1754 ### END LOGGING ###
1755@@ -4040,7 +4040,7 @@ WARN: Checks disabled
1756 ### LOGGING ###
1757 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1758 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1759--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1760+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1761 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1762 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1763 ### END LOGGING ###
1764@@ -4081,7 +4081,7 @@ COMMIT
1765 ### LOGGING ###
1766 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1767 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1768--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1769+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1770 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1771 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1772 ### END LOGGING ###
1773@@ -4124,7 +4124,7 @@ WARN: Checks disabled
1774 ### LOGGING ###
1775 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1776 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1777--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1778+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1779 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1780 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1781 ### END LOGGING ###
1782@@ -4167,7 +4167,7 @@ WARN: Checks disabled
1783 ### LOGGING ###
1784 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1785 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1786--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1787+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1788 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1789 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1790 ### END LOGGING ###
1791@@ -4208,7 +4208,7 @@ COMMIT
1792 ### LOGGING ###
1793 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1794 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1795--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1796+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1797 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1798 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1799 ### END LOGGING ###
1800@@ -4251,7 +4251,7 @@ WARN: Checks disabled
1801 ### LOGGING ###
1802 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1803 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1804--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1805+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1806 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1807 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1808 ### END LOGGING ###
1809@@ -4294,7 +4294,7 @@ WARN: Checks disabled
1810 ### LOGGING ###
1811 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1812 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1813--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1814+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1815 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1816 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1817 ### END LOGGING ###
1818@@ -4337,7 +4337,7 @@ WARN: Checks disabled
1819 ### LOGGING ###
1820 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1821 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1822--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1823+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1824 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1825 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1826 ### END LOGGING ###
1827@@ -4378,7 +4378,7 @@ COMMIT
1828 ### LOGGING ###
1829 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1830 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1831--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1832+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1833 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1834 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1835 ### END LOGGING ###
1836@@ -4421,7 +4421,7 @@ WARN: Checks disabled
1837 ### LOGGING ###
1838 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1839 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1840--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1841+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1842 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1843 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1844 ### END LOGGING ###
1845@@ -4462,7 +4462,7 @@ COMMIT
1846 ### LOGGING ###
1847 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1848 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1849--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1850+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1851 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1852 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1853 ### END LOGGING ###
1854@@ -4505,7 +4505,7 @@ WARN: Checks disabled
1855 ### LOGGING ###
1856 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1857 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1858--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1859+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1860 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1861 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1862 ### END LOGGING ###
1863@@ -4548,7 +4548,7 @@ WARN: Checks disabled
1864 ### LOGGING ###
1865 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1866 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1867--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1868+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1869 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1870 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1871 ### END LOGGING ###
1872@@ -4591,7 +4591,7 @@ WARN: Checks disabled
1873 ### LOGGING ###
1874 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1875 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1876--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1877+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1878 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1879 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1880 ### END LOGGING ###
1881@@ -4634,7 +4634,7 @@ WARN: Checks disabled
1882 ### LOGGING ###
1883 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1884 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1885--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1886+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1887 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1888 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1889 ### END LOGGING ###
1890@@ -4675,7 +4675,7 @@ COMMIT
1891 ### LOGGING ###
1892 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1893 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1894--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1895+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1896 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1897 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1898 ### END LOGGING ###
1899@@ -4718,7 +4718,7 @@ WARN: Checks disabled
1900 ### LOGGING ###
1901 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1902 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1903--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1904+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1905 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1906 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1907 ### END LOGGING ###
1908@@ -4759,7 +4759,7 @@ COMMIT
1909 ### LOGGING ###
1910 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1911 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1912--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1913+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1914 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1915 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1916 ### END LOGGING ###
1917@@ -4802,7 +4802,7 @@ WARN: Checks disabled
1918 ### LOGGING ###
1919 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1920 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1921--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1922+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1923 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1924 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1925 ### END LOGGING ###
1926@@ -4845,7 +4845,7 @@ WARN: Checks disabled
1927 ### LOGGING ###
1928 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1929 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1930--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1931+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1932 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1933 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1934 ### END LOGGING ###
1935@@ -4886,7 +4886,7 @@ COMMIT
1936 ### LOGGING ###
1937 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1938 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1939--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1940+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1941 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1942 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1943 ### END LOGGING ###
1944@@ -4929,7 +4929,7 @@ WARN: Checks disabled
1945 ### LOGGING ###
1946 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1947 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1948--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1949+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1950 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1951 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1952 ### END LOGGING ###
1953@@ -4972,7 +4972,7 @@ WARN: Checks disabled
1954 ### LOGGING ###
1955 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1956 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1957--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1958+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1959 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1960 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1961 ### END LOGGING ###
1962@@ -5015,7 +5015,7 @@ WARN: Checks disabled
1963 ### LOGGING ###
1964 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1965 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1966--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1967+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1968 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1969 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1970 ### END LOGGING ###
1971@@ -5059,7 +5059,7 @@ WARN: Checks disabled
1972 ### LOGGING ###
1973 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1974 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1975--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1976+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1977 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1978 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1979 ### END LOGGING ###
1980@@ -5102,7 +5102,7 @@ WARN: Checks disabled
1981 ### LOGGING ###
1982 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1983 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1984--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1985+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1986 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1987 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1988 ### END LOGGING ###
1989@@ -5143,7 +5143,7 @@ COMMIT
1990 ### LOGGING ###
1991 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1992 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1993--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1994+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
1995 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
1996 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
1997 ### END LOGGING ###
1998@@ -5186,7 +5186,7 @@ WARN: Checks disabled
1999 ### LOGGING ###
2000 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2001 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2002--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2003+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2004 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2005 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2006 ### END LOGGING ###
2007@@ -5229,7 +5229,7 @@ WARN: Checks disabled
2008 ### LOGGING ###
2009 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2010 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2011--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2012+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2013 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2014 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2015 ### END LOGGING ###
2016@@ -5272,7 +5272,7 @@ WARN: Checks disabled
2017 ### LOGGING ###
2018 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2019 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2020--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2021+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2022 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2023 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2024 ### END LOGGING ###
2025@@ -5315,7 +5315,7 @@ WARN: Checks disabled
2026 ### LOGGING ###
2027 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2028 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2029--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2030+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2031 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2032 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2033 ### END LOGGING ###
2034@@ -5358,7 +5358,7 @@ WARN: Checks disabled
2035 ### LOGGING ###
2036 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2037 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2038--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2039+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2040 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2041 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2042 ### END LOGGING ###
2043@@ -5401,7 +5401,7 @@ WARN: Checks disabled
2044 ### LOGGING ###
2045 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2046 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2047--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2048+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2049 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2050 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2051 ### END LOGGING ###
2052@@ -5445,7 +5445,7 @@ WARN: Checks disabled
2053 ### LOGGING ###
2054 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2055 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2056--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2057+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2058 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2059 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2060 ### END LOGGING ###
2061@@ -5488,7 +5488,7 @@ WARN: Checks disabled
2062 ### LOGGING ###
2063 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2064 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2065--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2066+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2067 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2068 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2069 ### END LOGGING ###
2070@@ -5529,7 +5529,7 @@ COMMIT
2071 ### LOGGING ###
2072 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2073 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2074--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2075+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2076 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2077 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2078 ### END LOGGING ###
2079@@ -5572,7 +5572,7 @@ WARN: Checks disabled
2080 ### LOGGING ###
2081 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2082 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2083--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2084+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2085 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2086 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2087 ### END LOGGING ###
2088@@ -5615,7 +5615,7 @@ WARN: Checks disabled
2089 ### LOGGING ###
2090 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2091 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2092--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2093+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2094 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2095 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2096 ### END LOGGING ###
2097@@ -5658,7 +5658,7 @@ WARN: Checks disabled
2098 ### LOGGING ###
2099 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2100 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2101--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2102+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2103 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2104 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2105 ### END LOGGING ###
2106@@ -5701,7 +5701,7 @@ WARN: Checks disabled
2107 ### LOGGING ###
2108 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2109 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2110--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2111+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2112 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2113 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2114 ### END LOGGING ###
2115@@ -5744,7 +5744,7 @@ WARN: Checks disabled
2116 ### LOGGING ###
2117 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2118 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2119--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2120+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2121 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2122 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2123 ### END LOGGING ###
2124@@ -5787,7 +5787,7 @@ WARN: Checks disabled
2125 ### LOGGING ###
2126 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2127 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2128--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2129+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2130 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2131 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2132 ### END LOGGING ###
2133@@ -5831,7 +5831,7 @@ WARN: Checks disabled
2134 ### LOGGING ###
2135 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2136 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2137--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2138+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2139 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2140 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2141 ### END LOGGING ###
2142@@ -5874,7 +5874,7 @@ WARN: Checks disabled
2143 ### LOGGING ###
2144 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2145 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2146--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2147+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2148 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2149 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2150 ### END LOGGING ###
2151@@ -5915,7 +5915,7 @@ COMMIT
2152 ### LOGGING ###
2153 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2154 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2155--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2156+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2157 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2158 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2159 ### END LOGGING ###
2160@@ -5958,7 +5958,7 @@ WARN: Checks disabled
2161 ### LOGGING ###
2162 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2163 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2164--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2165+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2166 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2167 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2168 ### END LOGGING ###
2169@@ -6001,7 +6001,7 @@ WARN: Checks disabled
2170 ### LOGGING ###
2171 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2172 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2173--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2174+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2175 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2176 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2177 ### END LOGGING ###
2178@@ -6044,7 +6044,7 @@ WARN: Checks disabled
2179 ### LOGGING ###
2180 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2181 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2182--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2183+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2184 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2185 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2186 ### END LOGGING ###
2187@@ -6087,7 +6087,7 @@ WARN: Checks disabled
2188 ### LOGGING ###
2189 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2190 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2191--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2192+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2193 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2194 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2195 ### END LOGGING ###
2196@@ -6130,7 +6130,7 @@ WARN: Checks disabled
2197 ### LOGGING ###
2198 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2199 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2200--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2201+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2202 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2203 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2204 ### END LOGGING ###
2205@@ -6173,7 +6173,7 @@ WARN: Checks disabled
2206 ### LOGGING ###
2207 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2208 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2209--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2210+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2211 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2212 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2213 ### END LOGGING ###
2214@@ -6217,7 +6217,7 @@ WARN: Checks disabled
2215 ### LOGGING ###
2216 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2217 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2218--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2219+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2220 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2221 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2222 ### END LOGGING ###
2223@@ -6260,7 +6260,7 @@ WARN: Checks disabled
2224 ### LOGGING ###
2225 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2226 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2227--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2228+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2229 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2230 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2231 ### END LOGGING ###
2232@@ -6301,7 +6301,7 @@ COMMIT
2233 ### LOGGING ###
2234 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2235 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2236--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2237+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2238 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2239 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2240 ### END LOGGING ###
2241@@ -6344,7 +6344,7 @@ WARN: Checks disabled
2242 ### LOGGING ###
2243 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2244 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2245--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2246+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2247 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2248 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2249 ### END LOGGING ###
2250@@ -6387,7 +6387,7 @@ WARN: Checks disabled
2251 ### LOGGING ###
2252 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2253 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2254--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2255+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2256 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2257 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2258 ### END LOGGING ###
2259@@ -6430,7 +6430,7 @@ WARN: Checks disabled
2260 ### LOGGING ###
2261 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2262 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2263--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2264+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2265 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2266 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2267 ### END LOGGING ###
2268@@ -6473,7 +6473,7 @@ WARN: Checks disabled
2269 ### LOGGING ###
2270 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2271 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2272--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2273+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2274 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2275 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2276 ### END LOGGING ###
2277@@ -6516,7 +6516,7 @@ WARN: Checks disabled
2278 ### LOGGING ###
2279 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2280 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2281--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2282+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2283 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2284 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2285 ### END LOGGING ###
2286@@ -6559,7 +6559,7 @@ WARN: Checks disabled
2287 ### LOGGING ###
2288 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2289 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2290--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2291+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2292 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2293 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2294 ### END LOGGING ###
2295@@ -6600,7 +6600,7 @@ COMMIT
2296 ### LOGGING ###
2297 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2298 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2299--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2300+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2301 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2302 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2303 ### END LOGGING ###
2304@@ -6643,7 +6643,7 @@ WARN: Checks disabled
2305 ### LOGGING ###
2306 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2307 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2308--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2309+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2310 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2311 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2312 ### END LOGGING ###
2313@@ -6684,7 +6684,7 @@ COMMIT
2314 ### LOGGING ###
2315 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2316 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2317--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2318+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2319 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2320 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2321 ### END LOGGING ###
2322@@ -6727,7 +6727,7 @@ WARN: Checks disabled
2323 ### LOGGING ###
2324 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2325 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2326--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2327+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2328 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2329 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2330 ### END LOGGING ###
2331@@ -6770,7 +6770,7 @@ WARN: Checks disabled
2332 ### LOGGING ###
2333 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2334 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2335--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2336+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2337 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2338 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2339 ### END LOGGING ###
2340@@ -6813,7 +6813,7 @@ WARN: Checks disabled
2341 ### LOGGING ###
2342 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2343 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2344--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2345+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2346 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2347 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2348 ### END LOGGING ###
2349@@ -6856,7 +6856,7 @@ WARN: Checks disabled
2350 ### LOGGING ###
2351 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2352 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2353--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2354+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2355 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2356 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2357 ### END LOGGING ###
2358@@ -6897,7 +6897,7 @@ COMMIT
2359 ### LOGGING ###
2360 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2361 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2362--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2363+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2364 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2365 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2366 ### END LOGGING ###
2367@@ -6940,7 +6940,7 @@ WARN: Checks disabled
2368 ### LOGGING ###
2369 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2370 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2371--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2372+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2373 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2374 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2375 ### END LOGGING ###
2376@@ -6981,7 +6981,7 @@ COMMIT
2377 ### LOGGING ###
2378 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2379 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2380--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2381+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2382 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2383 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2384 ### END LOGGING ###
2385@@ -7024,7 +7024,7 @@ WARN: Checks disabled
2386 ### LOGGING ###
2387 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2388 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2389--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2390+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2391 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2392 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2393 ### END LOGGING ###
2394@@ -7067,7 +7067,7 @@ WARN: Checks disabled
2395 ### LOGGING ###
2396 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2397 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2398--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2399+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2400 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2401 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2402 ### END LOGGING ###
2403@@ -7108,7 +7108,7 @@ COMMIT
2404 ### LOGGING ###
2405 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2406 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2407--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2408+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2409 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2410 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2411 ### END LOGGING ###
2412@@ -7151,7 +7151,7 @@ WARN: Checks disabled
2413 ### LOGGING ###
2414 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2415 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2416--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2417+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2418 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2419 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2420 ### END LOGGING ###
2421@@ -7194,7 +7194,7 @@ WARN: Checks disabled
2422 ### LOGGING ###
2423 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2424 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2425--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2426+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2427 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2428 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2429 ### END LOGGING ###
2430@@ -7237,7 +7237,7 @@ WARN: Checks disabled
2431 ### LOGGING ###
2432 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2433 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2434--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2435+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2436 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2437 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2438 ### END LOGGING ###
2439@@ -7278,7 +7278,7 @@ COMMIT
2440 ### LOGGING ###
2441 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2442 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2443--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2444+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2445 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2446 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2447 ### END LOGGING ###
2448@@ -7321,7 +7321,7 @@ WARN: Checks disabled
2449 ### LOGGING ###
2450 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2451 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2452--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2453+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2454 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2455 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2456 ### END LOGGING ###
2457@@ -7362,7 +7362,7 @@ COMMIT
2458 ### LOGGING ###
2459 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2460 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2461--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2462+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2463 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2464 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2465 ### END LOGGING ###
2466@@ -7405,7 +7405,7 @@ WARN: Checks disabled
2467 ### LOGGING ###
2468 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2469 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2470--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2471+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2472 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2473 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2474 ### END LOGGING ###
2475@@ -7448,7 +7448,7 @@ WARN: Checks disabled
2476 ### LOGGING ###
2477 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2478 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2479--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2480+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2481 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2482 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2483 ### END LOGGING ###
2484@@ -7491,7 +7491,7 @@ WARN: Checks disabled
2485 ### LOGGING ###
2486 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2487 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2488--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2489+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2490 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2491 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2492 ### END LOGGING ###
2493@@ -7534,7 +7534,7 @@ WARN: Checks disabled
2494 ### LOGGING ###
2495 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2496 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2497--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2498+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2499 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2500 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2501 ### END LOGGING ###
2502@@ -7575,7 +7575,7 @@ COMMIT
2503 ### LOGGING ###
2504 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2505 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2506--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2507+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2508 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2509 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2510 ### END LOGGING ###
2511@@ -7618,7 +7618,7 @@ WARN: Checks disabled
2512 ### LOGGING ###
2513 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2514 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2515--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2516+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2517 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2518 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2519 ### END LOGGING ###
2520@@ -7659,7 +7659,7 @@ COMMIT
2521 ### LOGGING ###
2522 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2523 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2524--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2525+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2526 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2527 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2528 ### END LOGGING ###
2529@@ -7702,7 +7702,7 @@ WARN: Checks disabled
2530 ### LOGGING ###
2531 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2532 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2533--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2534+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2535 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2536 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2537 ### END LOGGING ###
2538@@ -7745,7 +7745,7 @@ WARN: Checks disabled
2539 ### LOGGING ###
2540 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2541 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2542--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2543+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2544 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2545 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2546 ### END LOGGING ###
2547@@ -7786,7 +7786,7 @@ COMMIT
2548 ### LOGGING ###
2549 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2550 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2551--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2552+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2553 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2554 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2555 ### END LOGGING ###
2556@@ -7822,8 +7822,8 @@ WARN: Checks disabled
2557 ### RULES ###
2558
2559 ### tuple ### limit tcp 80 192.168.0.0/16 any 0.0.0.0/0 Apache - in
2560--A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 80 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache'
2561--A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
2562+-A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 80 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache'
2563+-A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
2564 -A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 80 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache'
2565
2566 ### END RULES ###
2567@@ -7831,7 +7831,7 @@ WARN: Checks disabled
2568 ### LOGGING ###
2569 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2570 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2571--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2572+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2573 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2574 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2575 ### END LOGGING ###
2576@@ -7867,8 +7867,8 @@ WARN: Checks disabled
2577 ### RULES ###
2578
2579 ### tuple ### limit tcp 443 192.168.0.0/16 any 0.0.0.0/0 Apache%20Secure - in
2580--A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 443 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache%20Secure'
2581--A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 443 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Secure'
2582+-A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 443 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache%20Secure'
2583+-A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 443 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Secure'
2584 -A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 443 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache%20Secure'
2585
2586 ### END RULES ###
2587@@ -7876,7 +7876,7 @@ WARN: Checks disabled
2588 ### LOGGING ###
2589 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2590 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2591--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2592+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2593 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2594 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2595 ### END LOGGING ###
2596@@ -7912,8 +7912,8 @@ WARN: Checks disabled
2597 ### RULES ###
2598
2599 ### tuple ### limit tcp 80,443 192.168.0.0/16 any 0.0.0.0/0 Apache%20Full - in
2600--A ufw-user-input -p tcp -m multiport --dports 80,443 -d 192.168.0.0/16 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache%20Full'
2601--A ufw-user-input -p tcp -m multiport --dports 80,443 -d 192.168.0.0/16 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Full'
2602+-A ufw-user-input -p tcp -m multiport --dports 80,443 -d 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache%20Full'
2603+-A ufw-user-input -p tcp -m multiport --dports 80,443 -d 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Full'
2604 -A ufw-user-input -p tcp -m multiport --dports 80,443 -d 192.168.0.0/16 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache%20Full'
2605
2606 ### END RULES ###
2607@@ -7921,7 +7921,7 @@ WARN: Checks disabled
2608 ### LOGGING ###
2609 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2610 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2611--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2612+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2613 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2614 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2615 ### END LOGGING ###
2616@@ -7957,11 +7957,11 @@ WARN: Checks disabled
2617 ### RULES ###
2618
2619 ### tuple ### limit any 53 192.168.0.0/16 any 0.0.0.0/0 Bind9 - in
2620--A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 53 -m state --state NEW -m recent --set -m comment --comment 'dapp_Bind9'
2621--A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 53 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9'
2622+-A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 53 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Bind9'
2623+-A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 53 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9'
2624 -A ufw-user-input -p tcp -d 192.168.0.0/16 --dport 53 -j ufw-user-limit-accept -m comment --comment 'dapp_Bind9'
2625--A ufw-user-input -p udp -d 192.168.0.0/16 --dport 53 -m state --state NEW -m recent --set -m comment --comment 'dapp_Bind9'
2626--A ufw-user-input -p udp -d 192.168.0.0/16 --dport 53 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9'
2627+-A ufw-user-input -p udp -d 192.168.0.0/16 --dport 53 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Bind9'
2628+-A ufw-user-input -p udp -d 192.168.0.0/16 --dport 53 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9'
2629 -A ufw-user-input -p udp -d 192.168.0.0/16 --dport 53 -j ufw-user-limit-accept -m comment --comment 'dapp_Bind9'
2630
2631 ### END RULES ###
2632@@ -7969,7 +7969,7 @@ WARN: Checks disabled
2633 ### LOGGING ###
2634 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2635 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2636--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2637+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2638 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2639 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2640 ### END LOGGING ###
2641@@ -8005,8 +8005,8 @@ WARN: Checks disabled
2642 ### RULES ###
2643
2644 ### tuple ### limit udp 137,138 192.168.0.0/16 any 0.0.0.0/0 Samba - in
2645--A ufw-user-input -p udp -m multiport --dports 137,138 -d 192.168.0.0/16 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
2646--A ufw-user-input -p udp -m multiport --dports 137,138 -d 192.168.0.0/16 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
2647+-A ufw-user-input -p udp -m multiport --dports 137,138 -d 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
2648+-A ufw-user-input -p udp -m multiport --dports 137,138 -d 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
2649 -A ufw-user-input -p udp -m multiport --dports 137,138 -d 192.168.0.0/16 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
2650
2651 ### END RULES ###
2652@@ -8014,7 +8014,7 @@ WARN: Checks disabled
2653 ### LOGGING ###
2654 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2655 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2656--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2657+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2658 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2659 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2660 ### END LOGGING ###
2661@@ -8045,13 +8045,13 @@ COMMIT
2662 ### RULES ###
2663
2664 ### tuple ### limit udp 137,138 192.168.0.0/16 any 0.0.0.0/0 Samba - in
2665--A ufw-user-input -p udp -m multiport --dports 137,138 -d 192.168.0.0/16 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
2666--A ufw-user-input -p udp -m multiport --dports 137,138 -d 192.168.0.0/16 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
2667+-A ufw-user-input -p udp -m multiport --dports 137,138 -d 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
2668+-A ufw-user-input -p udp -m multiport --dports 137,138 -d 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
2669 -A ufw-user-input -p udp -m multiport --dports 137,138 -d 192.168.0.0/16 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
2670
2671 ### tuple ### limit tcp 139,445 192.168.0.0/16 any 0.0.0.0/0 Samba - in
2672--A ufw-user-input -p tcp -m multiport --dports 139,445 -d 192.168.0.0/16 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
2673--A ufw-user-input -p tcp -m multiport --dports 139,445 -d 192.168.0.0/16 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
2674+-A ufw-user-input -p tcp -m multiport --dports 139,445 -d 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
2675+-A ufw-user-input -p tcp -m multiport --dports 139,445 -d 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
2676 -A ufw-user-input -p tcp -m multiport --dports 139,445 -d 192.168.0.0/16 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
2677
2678 ### END RULES ###
2679@@ -8059,7 +8059,7 @@ COMMIT
2680 ### LOGGING ###
2681 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2682 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2683--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2684+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2685 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2686 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2687 ### END LOGGING ###
2688@@ -8095,8 +8095,8 @@ WARN: Checks disabled
2689 ### RULES ###
2690
2691 ### tuple ### limit udp 123 192.168.0.0/16 any 0.0.0.0/0 OpenNTPD - in
2692--A ufw-user-input -p udp -d 192.168.0.0/16 --dport 123 -m state --state NEW -m recent --set -m comment --comment 'dapp_OpenNTPD'
2693--A ufw-user-input -p udp -d 192.168.0.0/16 --dport 123 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_OpenNTPD'
2694+-A ufw-user-input -p udp -d 192.168.0.0/16 --dport 123 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_OpenNTPD'
2695+-A ufw-user-input -p udp -d 192.168.0.0/16 --dport 123 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_OpenNTPD'
2696 -A ufw-user-input -p udp -d 192.168.0.0/16 --dport 123 -j ufw-user-limit-accept -m comment --comment 'dapp_OpenNTPD'
2697
2698 ### END RULES ###
2699@@ -8104,7 +8104,7 @@ WARN: Checks disabled
2700 ### LOGGING ###
2701 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2702 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2703--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2704+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2705 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2706 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2707 ### END LOGGING ###
2708@@ -8140,8 +8140,8 @@ WARN: Checks disabled
2709 ### RULES ###
2710
2711 ### tuple ### limit tcp 1234,5678 192.168.0.0/16 any 0.0.0.0/0 Multi%20TCP - in
2712--A ufw-user-input -p tcp -m multiport --dports 1234,5678 -d 192.168.0.0/16 -m state --state NEW -m recent --set -m comment --comment 'dapp_Multi%20TCP'
2713--A ufw-user-input -p tcp -m multiport --dports 1234,5678 -d 192.168.0.0/16 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Multi%20TCP'
2714+-A ufw-user-input -p tcp -m multiport --dports 1234,5678 -d 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Multi%20TCP'
2715+-A ufw-user-input -p tcp -m multiport --dports 1234,5678 -d 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Multi%20TCP'
2716 -A ufw-user-input -p tcp -m multiport --dports 1234,5678 -d 192.168.0.0/16 -j ufw-user-limit-accept -m comment --comment 'dapp_Multi%20TCP'
2717
2718 ### END RULES ###
2719@@ -8149,7 +8149,7 @@ WARN: Checks disabled
2720 ### LOGGING ###
2721 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2722 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2723--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2724+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2725 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2726 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2727 ### END LOGGING ###
2728@@ -8185,8 +8185,8 @@ WARN: Checks disabled
2729 ### RULES ###
2730
2731 ### tuple ### limit udp 1234,5678 192.168.0.0/16 any 0.0.0.0/0 Multi%20UDP - in
2732--A ufw-user-input -p udp -m multiport --dports 1234,5678 -d 192.168.0.0/16 -m state --state NEW -m recent --set -m comment --comment 'dapp_Multi%20UDP'
2733--A ufw-user-input -p udp -m multiport --dports 1234,5678 -d 192.168.0.0/16 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Multi%20UDP'
2734+-A ufw-user-input -p udp -m multiport --dports 1234,5678 -d 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Multi%20UDP'
2735+-A ufw-user-input -p udp -m multiport --dports 1234,5678 -d 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Multi%20UDP'
2736 -A ufw-user-input -p udp -m multiport --dports 1234,5678 -d 192.168.0.0/16 -j ufw-user-limit-accept -m comment --comment 'dapp_Multi%20UDP'
2737
2738 ### END RULES ###
2739@@ -8194,7 +8194,7 @@ WARN: Checks disabled
2740 ### LOGGING ###
2741 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2742 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2743--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2744+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2745 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2746 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2747 ### END LOGGING ###
2748@@ -8230,8 +8230,8 @@ WARN: Checks disabled
2749 ### RULES ###
2750
2751 ### tuple ### limit tcp 80 0.0.0.0/0 any 0.0.0.0/0 Apache - in
2752--A ufw-user-input -p tcp --dport 80 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache'
2753--A ufw-user-input -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
2754+-A ufw-user-input -p tcp --dport 80 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache'
2755+-A ufw-user-input -p tcp --dport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
2756 -A ufw-user-input -p tcp --dport 80 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache'
2757
2758 ### END RULES ###
2759@@ -8239,7 +8239,7 @@ WARN: Checks disabled
2760 ### LOGGING ###
2761 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2762 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2763--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2764+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2765 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2766 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2767 ### END LOGGING ###
2768@@ -8275,8 +8275,8 @@ WARN: Checks disabled
2769 ### RULES ###
2770
2771 ### tuple ### limit tcp 443 0.0.0.0/0 any 0.0.0.0/0 Apache%20Secure - in
2772--A ufw-user-input -p tcp --dport 443 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache%20Secure'
2773--A ufw-user-input -p tcp --dport 443 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Secure'
2774+-A ufw-user-input -p tcp --dport 443 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache%20Secure'
2775+-A ufw-user-input -p tcp --dport 443 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Secure'
2776 -A ufw-user-input -p tcp --dport 443 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache%20Secure'
2777
2778 ### END RULES ###
2779@@ -8284,7 +8284,7 @@ WARN: Checks disabled
2780 ### LOGGING ###
2781 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2782 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2783--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2784+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2785 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2786 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2787 ### END LOGGING ###
2788@@ -8320,8 +8320,8 @@ WARN: Checks disabled
2789 ### RULES ###
2790
2791 ### tuple ### limit tcp 80,443 0.0.0.0/0 any 0.0.0.0/0 Apache%20Full - in
2792--A ufw-user-input -p tcp -m multiport --dports 80,443 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache%20Full'
2793--A ufw-user-input -p tcp -m multiport --dports 80,443 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Full'
2794+-A ufw-user-input -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache%20Full'
2795+-A ufw-user-input -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Full'
2796 -A ufw-user-input -p tcp -m multiport --dports 80,443 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache%20Full'
2797
2798 ### END RULES ###
2799@@ -8329,7 +8329,7 @@ WARN: Checks disabled
2800 ### LOGGING ###
2801 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2802 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2803--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2804+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2805 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2806 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2807 ### END LOGGING ###
2808@@ -8365,11 +8365,11 @@ WARN: Checks disabled
2809 ### RULES ###
2810
2811 ### tuple ### limit any 53 0.0.0.0/0 any 0.0.0.0/0 Bind9 - in
2812--A ufw-user-input -p tcp --dport 53 -m state --state NEW -m recent --set -m comment --comment 'dapp_Bind9'
2813--A ufw-user-input -p tcp --dport 53 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9'
2814+-A ufw-user-input -p tcp --dport 53 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Bind9'
2815+-A ufw-user-input -p tcp --dport 53 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9'
2816 -A ufw-user-input -p tcp --dport 53 -j ufw-user-limit-accept -m comment --comment 'dapp_Bind9'
2817--A ufw-user-input -p udp --dport 53 -m state --state NEW -m recent --set -m comment --comment 'dapp_Bind9'
2818--A ufw-user-input -p udp --dport 53 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9'
2819+-A ufw-user-input -p udp --dport 53 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Bind9'
2820+-A ufw-user-input -p udp --dport 53 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9'
2821 -A ufw-user-input -p udp --dport 53 -j ufw-user-limit-accept -m comment --comment 'dapp_Bind9'
2822
2823 ### END RULES ###
2824@@ -8377,7 +8377,7 @@ WARN: Checks disabled
2825 ### LOGGING ###
2826 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2827 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2828--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2829+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2830 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2831 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2832 ### END LOGGING ###
2833@@ -8413,8 +8413,8 @@ WARN: Checks disabled
2834 ### RULES ###
2835
2836 ### tuple ### limit udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
2837--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
2838--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
2839+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
2840+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
2841 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
2842
2843 ### END RULES ###
2844@@ -8422,7 +8422,7 @@ WARN: Checks disabled
2845 ### LOGGING ###
2846 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2847 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2848--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2849+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2850 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2851 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2852 ### END LOGGING ###
2853@@ -8453,13 +8453,13 @@ COMMIT
2854 ### RULES ###
2855
2856 ### tuple ### limit udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
2857--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
2858--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
2859+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
2860+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
2861 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
2862
2863 ### tuple ### limit tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
2864--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
2865--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
2866+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
2867+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
2868 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
2869
2870 ### END RULES ###
2871@@ -8467,7 +8467,7 @@ COMMIT
2872 ### LOGGING ###
2873 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2874 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2875--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2876+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2877 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2878 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2879 ### END LOGGING ###
2880@@ -8503,8 +8503,8 @@ WARN: Checks disabled
2881 ### RULES ###
2882
2883 ### tuple ### limit udp 123 0.0.0.0/0 any 0.0.0.0/0 OpenNTPD - in
2884--A ufw-user-input -p udp --dport 123 -m state --state NEW -m recent --set -m comment --comment 'dapp_OpenNTPD'
2885--A ufw-user-input -p udp --dport 123 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_OpenNTPD'
2886+-A ufw-user-input -p udp --dport 123 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_OpenNTPD'
2887+-A ufw-user-input -p udp --dport 123 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_OpenNTPD'
2888 -A ufw-user-input -p udp --dport 123 -j ufw-user-limit-accept -m comment --comment 'dapp_OpenNTPD'
2889
2890 ### END RULES ###
2891@@ -8512,7 +8512,7 @@ WARN: Checks disabled
2892 ### LOGGING ###
2893 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2894 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2895--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2896+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2897 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2898 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2899 ### END LOGGING ###
2900@@ -8548,8 +8548,8 @@ WARN: Checks disabled
2901 ### RULES ###
2902
2903 ### tuple ### limit tcp 1234,5678 0.0.0.0/0 any 0.0.0.0/0 Multi%20TCP - in
2904--A ufw-user-input -p tcp -m multiport --dports 1234,5678 -m state --state NEW -m recent --set -m comment --comment 'dapp_Multi%20TCP'
2905--A ufw-user-input -p tcp -m multiport --dports 1234,5678 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Multi%20TCP'
2906+-A ufw-user-input -p tcp -m multiport --dports 1234,5678 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Multi%20TCP'
2907+-A ufw-user-input -p tcp -m multiport --dports 1234,5678 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Multi%20TCP'
2908 -A ufw-user-input -p tcp -m multiport --dports 1234,5678 -j ufw-user-limit-accept -m comment --comment 'dapp_Multi%20TCP'
2909
2910 ### END RULES ###
2911@@ -8557,7 +8557,7 @@ WARN: Checks disabled
2912 ### LOGGING ###
2913 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2914 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2915--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2916+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2917 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2918 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2919 ### END LOGGING ###
2920@@ -8593,8 +8593,8 @@ WARN: Checks disabled
2921 ### RULES ###
2922
2923 ### tuple ### limit udp 1234,5678 0.0.0.0/0 any 0.0.0.0/0 Multi%20UDP - in
2924--A ufw-user-input -p udp -m multiport --dports 1234,5678 -m state --state NEW -m recent --set -m comment --comment 'dapp_Multi%20UDP'
2925--A ufw-user-input -p udp -m multiport --dports 1234,5678 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Multi%20UDP'
2926+-A ufw-user-input -p udp -m multiport --dports 1234,5678 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Multi%20UDP'
2927+-A ufw-user-input -p udp -m multiport --dports 1234,5678 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Multi%20UDP'
2928 -A ufw-user-input -p udp -m multiport --dports 1234,5678 -j ufw-user-limit-accept -m comment --comment 'dapp_Multi%20UDP'
2929
2930 ### END RULES ###
2931@@ -8602,7 +8602,7 @@ WARN: Checks disabled
2932 ### LOGGING ###
2933 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2934 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2935--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2936+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2937 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2938 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2939 ### END LOGGING ###
2940@@ -8638,8 +8638,8 @@ WARN: Checks disabled
2941 ### RULES ###
2942
2943 ### tuple ### limit tcp any 0.0.0.0/0 80 192.168.0.0/16 - Apache in
2944--A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 80 -m state --state NEW -m recent --set -m comment --comment 'sapp_Apache'
2945--A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache'
2946+-A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 80 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Apache'
2947+-A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache'
2948 -A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 80 -j ufw-user-limit-accept -m comment --comment 'sapp_Apache'
2949
2950 ### END RULES ###
2951@@ -8647,7 +8647,7 @@ WARN: Checks disabled
2952 ### LOGGING ###
2953 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2954 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2955--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2956+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2957 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2958 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2959 ### END LOGGING ###
2960@@ -8683,8 +8683,8 @@ WARN: Checks disabled
2961 ### RULES ###
2962
2963 ### tuple ### limit tcp any 0.0.0.0/0 443 192.168.0.0/16 - Apache%20Secure in
2964--A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 443 -m state --state NEW -m recent --set -m comment --comment 'sapp_Apache%20Secure'
2965--A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 443 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache%20Secure'
2966+-A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 443 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Apache%20Secure'
2967+-A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 443 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache%20Secure'
2968 -A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 443 -j ufw-user-limit-accept -m comment --comment 'sapp_Apache%20Secure'
2969
2970 ### END RULES ###
2971@@ -8692,7 +8692,7 @@ WARN: Checks disabled
2972 ### LOGGING ###
2973 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2974 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2975--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2976+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2977 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2978 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2979 ### END LOGGING ###
2980@@ -8728,8 +8728,8 @@ WARN: Checks disabled
2981 ### RULES ###
2982
2983 ### tuple ### limit tcp any 0.0.0.0/0 80,443 192.168.0.0/16 - Apache%20Full in
2984--A ufw-user-input -p tcp -m multiport --sports 80,443 -s 192.168.0.0/16 -m state --state NEW -m recent --set -m comment --comment 'sapp_Apache%20Full'
2985--A ufw-user-input -p tcp -m multiport --sports 80,443 -s 192.168.0.0/16 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache%20Full'
2986+-A ufw-user-input -p tcp -m multiport --sports 80,443 -s 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Apache%20Full'
2987+-A ufw-user-input -p tcp -m multiport --sports 80,443 -s 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache%20Full'
2988 -A ufw-user-input -p tcp -m multiport --sports 80,443 -s 192.168.0.0/16 -j ufw-user-limit-accept -m comment --comment 'sapp_Apache%20Full'
2989
2990 ### END RULES ###
2991@@ -8737,7 +8737,7 @@ WARN: Checks disabled
2992 ### LOGGING ###
2993 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2994 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2995--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2996+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
2997 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
2998 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
2999 ### END LOGGING ###
3000@@ -8773,11 +8773,11 @@ WARN: Checks disabled
3001 ### RULES ###
3002
3003 ### tuple ### limit any any 0.0.0.0/0 53 192.168.0.0/16 - Bind9 in
3004--A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 53 -m state --state NEW -m recent --set -m comment --comment 'sapp_Bind9'
3005--A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 53 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Bind9'
3006+-A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 53 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Bind9'
3007+-A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 53 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Bind9'
3008 -A ufw-user-input -p tcp -s 192.168.0.0/16 --sport 53 -j ufw-user-limit-accept -m comment --comment 'sapp_Bind9'
3009--A ufw-user-input -p udp -s 192.168.0.0/16 --sport 53 -m state --state NEW -m recent --set -m comment --comment 'sapp_Bind9'
3010--A ufw-user-input -p udp -s 192.168.0.0/16 --sport 53 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Bind9'
3011+-A ufw-user-input -p udp -s 192.168.0.0/16 --sport 53 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Bind9'
3012+-A ufw-user-input -p udp -s 192.168.0.0/16 --sport 53 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Bind9'
3013 -A ufw-user-input -p udp -s 192.168.0.0/16 --sport 53 -j ufw-user-limit-accept -m comment --comment 'sapp_Bind9'
3014
3015 ### END RULES ###
3016@@ -8785,7 +8785,7 @@ WARN: Checks disabled
3017 ### LOGGING ###
3018 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3019 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3020--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3021+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3022 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3023 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3024 ### END LOGGING ###
3025@@ -8821,8 +8821,8 @@ WARN: Checks disabled
3026 ### RULES ###
3027
3028 ### tuple ### limit udp any 0.0.0.0/0 137,138 192.168.0.0/16 - Samba in
3029--A ufw-user-input -p udp -m multiport --sports 137,138 -s 192.168.0.0/16 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
3030--A ufw-user-input -p udp -m multiport --sports 137,138 -s 192.168.0.0/16 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3031+-A ufw-user-input -p udp -m multiport --sports 137,138 -s 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
3032+-A ufw-user-input -p udp -m multiport --sports 137,138 -s 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3033 -A ufw-user-input -p udp -m multiport --sports 137,138 -s 192.168.0.0/16 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
3034
3035 ### END RULES ###
3036@@ -8830,7 +8830,7 @@ WARN: Checks disabled
3037 ### LOGGING ###
3038 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3039 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3040--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3041+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3042 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3043 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3044 ### END LOGGING ###
3045@@ -8861,13 +8861,13 @@ COMMIT
3046 ### RULES ###
3047
3048 ### tuple ### limit udp any 0.0.0.0/0 137,138 192.168.0.0/16 - Samba in
3049--A ufw-user-input -p udp -m multiport --sports 137,138 -s 192.168.0.0/16 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
3050--A ufw-user-input -p udp -m multiport --sports 137,138 -s 192.168.0.0/16 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3051+-A ufw-user-input -p udp -m multiport --sports 137,138 -s 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
3052+-A ufw-user-input -p udp -m multiport --sports 137,138 -s 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3053 -A ufw-user-input -p udp -m multiport --sports 137,138 -s 192.168.0.0/16 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
3054
3055 ### tuple ### limit tcp any 0.0.0.0/0 139,445 192.168.0.0/16 - Samba in
3056--A ufw-user-input -p tcp -m multiport --sports 139,445 -s 192.168.0.0/16 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
3057--A ufw-user-input -p tcp -m multiport --sports 139,445 -s 192.168.0.0/16 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3058+-A ufw-user-input -p tcp -m multiport --sports 139,445 -s 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
3059+-A ufw-user-input -p tcp -m multiport --sports 139,445 -s 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3060 -A ufw-user-input -p tcp -m multiport --sports 139,445 -s 192.168.0.0/16 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
3061
3062 ### END RULES ###
3063@@ -8875,7 +8875,7 @@ COMMIT
3064 ### LOGGING ###
3065 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3066 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3067--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3068+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3069 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3070 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3071 ### END LOGGING ###
3072@@ -8911,8 +8911,8 @@ WARN: Checks disabled
3073 ### RULES ###
3074
3075 ### tuple ### limit udp any 0.0.0.0/0 123 192.168.0.0/16 - OpenNTPD in
3076--A ufw-user-input -p udp -s 192.168.0.0/16 --sport 123 -m state --state NEW -m recent --set -m comment --comment 'sapp_OpenNTPD'
3077--A ufw-user-input -p udp -s 192.168.0.0/16 --sport 123 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_OpenNTPD'
3078+-A ufw-user-input -p udp -s 192.168.0.0/16 --sport 123 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_OpenNTPD'
3079+-A ufw-user-input -p udp -s 192.168.0.0/16 --sport 123 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_OpenNTPD'
3080 -A ufw-user-input -p udp -s 192.168.0.0/16 --sport 123 -j ufw-user-limit-accept -m comment --comment 'sapp_OpenNTPD'
3081
3082 ### END RULES ###
3083@@ -8920,7 +8920,7 @@ WARN: Checks disabled
3084 ### LOGGING ###
3085 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3086 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3087--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3088+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3089 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3090 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3091 ### END LOGGING ###
3092@@ -8956,8 +8956,8 @@ WARN: Checks disabled
3093 ### RULES ###
3094
3095 ### tuple ### limit tcp any 0.0.0.0/0 1234,5678 192.168.0.0/16 - Multi%20TCP in
3096--A ufw-user-input -p tcp -m multiport --sports 1234,5678 -s 192.168.0.0/16 -m state --state NEW -m recent --set -m comment --comment 'sapp_Multi%20TCP'
3097--A ufw-user-input -p tcp -m multiport --sports 1234,5678 -s 192.168.0.0/16 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Multi%20TCP'
3098+-A ufw-user-input -p tcp -m multiport --sports 1234,5678 -s 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Multi%20TCP'
3099+-A ufw-user-input -p tcp -m multiport --sports 1234,5678 -s 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Multi%20TCP'
3100 -A ufw-user-input -p tcp -m multiport --sports 1234,5678 -s 192.168.0.0/16 -j ufw-user-limit-accept -m comment --comment 'sapp_Multi%20TCP'
3101
3102 ### END RULES ###
3103@@ -8965,7 +8965,7 @@ WARN: Checks disabled
3104 ### LOGGING ###
3105 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3106 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3107--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3108+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3109 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3110 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3111 ### END LOGGING ###
3112@@ -9001,8 +9001,8 @@ WARN: Checks disabled
3113 ### RULES ###
3114
3115 ### tuple ### limit udp any 0.0.0.0/0 1234,5678 192.168.0.0/16 - Multi%20UDP in
3116--A ufw-user-input -p udp -m multiport --sports 1234,5678 -s 192.168.0.0/16 -m state --state NEW -m recent --set -m comment --comment 'sapp_Multi%20UDP'
3117--A ufw-user-input -p udp -m multiport --sports 1234,5678 -s 192.168.0.0/16 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Multi%20UDP'
3118+-A ufw-user-input -p udp -m multiport --sports 1234,5678 -s 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Multi%20UDP'
3119+-A ufw-user-input -p udp -m multiport --sports 1234,5678 -s 192.168.0.0/16 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Multi%20UDP'
3120 -A ufw-user-input -p udp -m multiport --sports 1234,5678 -s 192.168.0.0/16 -j ufw-user-limit-accept -m comment --comment 'sapp_Multi%20UDP'
3121
3122 ### END RULES ###
3123@@ -9010,7 +9010,7 @@ WARN: Checks disabled
3124 ### LOGGING ###
3125 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3126 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3127--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3128+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3129 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3130 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3131 ### END LOGGING ###
3132@@ -9046,8 +9046,8 @@ WARN: Checks disabled
3133 ### RULES ###
3134
3135 ### tuple ### limit tcp any 0.0.0.0/0 80 0.0.0.0/0 - Apache in
3136--A ufw-user-input -p tcp --sport 80 -m state --state NEW -m recent --set -m comment --comment 'sapp_Apache'
3137--A ufw-user-input -p tcp --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache'
3138+-A ufw-user-input -p tcp --sport 80 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Apache'
3139+-A ufw-user-input -p tcp --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache'
3140 -A ufw-user-input -p tcp --sport 80 -j ufw-user-limit-accept -m comment --comment 'sapp_Apache'
3141
3142 ### END RULES ###
3143@@ -9055,7 +9055,7 @@ WARN: Checks disabled
3144 ### LOGGING ###
3145 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3146 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3147--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3148+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3149 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3150 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3151 ### END LOGGING ###
3152@@ -9091,8 +9091,8 @@ WARN: Checks disabled
3153 ### RULES ###
3154
3155 ### tuple ### limit tcp any 0.0.0.0/0 443 0.0.0.0/0 - Apache%20Secure in
3156--A ufw-user-input -p tcp --sport 443 -m state --state NEW -m recent --set -m comment --comment 'sapp_Apache%20Secure'
3157--A ufw-user-input -p tcp --sport 443 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache%20Secure'
3158+-A ufw-user-input -p tcp --sport 443 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Apache%20Secure'
3159+-A ufw-user-input -p tcp --sport 443 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache%20Secure'
3160 -A ufw-user-input -p tcp --sport 443 -j ufw-user-limit-accept -m comment --comment 'sapp_Apache%20Secure'
3161
3162 ### END RULES ###
3163@@ -9100,7 +9100,7 @@ WARN: Checks disabled
3164 ### LOGGING ###
3165 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3166 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3167--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3168+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3169 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3170 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3171 ### END LOGGING ###
3172@@ -9136,8 +9136,8 @@ WARN: Checks disabled
3173 ### RULES ###
3174
3175 ### tuple ### limit tcp any 0.0.0.0/0 80,443 0.0.0.0/0 - Apache%20Full in
3176--A ufw-user-input -p tcp -m multiport --sports 80,443 -m state --state NEW -m recent --set -m comment --comment 'sapp_Apache%20Full'
3177--A ufw-user-input -p tcp -m multiport --sports 80,443 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache%20Full'
3178+-A ufw-user-input -p tcp -m multiport --sports 80,443 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Apache%20Full'
3179+-A ufw-user-input -p tcp -m multiport --sports 80,443 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache%20Full'
3180 -A ufw-user-input -p tcp -m multiport --sports 80,443 -j ufw-user-limit-accept -m comment --comment 'sapp_Apache%20Full'
3181
3182 ### END RULES ###
3183@@ -9145,7 +9145,7 @@ WARN: Checks disabled
3184 ### LOGGING ###
3185 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3186 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3187--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3188+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3189 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3190 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3191 ### END LOGGING ###
3192@@ -9181,11 +9181,11 @@ WARN: Checks disabled
3193 ### RULES ###
3194
3195 ### tuple ### limit any any 0.0.0.0/0 53 0.0.0.0/0 - Bind9 in
3196--A ufw-user-input -p tcp --sport 53 -m state --state NEW -m recent --set -m comment --comment 'sapp_Bind9'
3197--A ufw-user-input -p tcp --sport 53 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Bind9'
3198+-A ufw-user-input -p tcp --sport 53 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Bind9'
3199+-A ufw-user-input -p tcp --sport 53 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Bind9'
3200 -A ufw-user-input -p tcp --sport 53 -j ufw-user-limit-accept -m comment --comment 'sapp_Bind9'
3201--A ufw-user-input -p udp --sport 53 -m state --state NEW -m recent --set -m comment --comment 'sapp_Bind9'
3202--A ufw-user-input -p udp --sport 53 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Bind9'
3203+-A ufw-user-input -p udp --sport 53 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Bind9'
3204+-A ufw-user-input -p udp --sport 53 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Bind9'
3205 -A ufw-user-input -p udp --sport 53 -j ufw-user-limit-accept -m comment --comment 'sapp_Bind9'
3206
3207 ### END RULES ###
3208@@ -9193,7 +9193,7 @@ WARN: Checks disabled
3209 ### LOGGING ###
3210 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3211 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3212--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3213+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3214 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3215 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3216 ### END LOGGING ###
3217@@ -9229,8 +9229,8 @@ WARN: Checks disabled
3218 ### RULES ###
3219
3220 ### tuple ### limit udp any 0.0.0.0/0 137,138 0.0.0.0/0 - Samba in
3221--A ufw-user-input -p udp -m multiport --sports 137,138 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
3222--A ufw-user-input -p udp -m multiport --sports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3223+-A ufw-user-input -p udp -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
3224+-A ufw-user-input -p udp -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3225 -A ufw-user-input -p udp -m multiport --sports 137,138 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
3226
3227 ### END RULES ###
3228@@ -9238,7 +9238,7 @@ WARN: Checks disabled
3229 ### LOGGING ###
3230 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3231 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3232--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3233+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3234 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3235 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3236 ### END LOGGING ###
3237@@ -9269,13 +9269,13 @@ COMMIT
3238 ### RULES ###
3239
3240 ### tuple ### limit udp any 0.0.0.0/0 137,138 0.0.0.0/0 - Samba in
3241--A ufw-user-input -p udp -m multiport --sports 137,138 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
3242--A ufw-user-input -p udp -m multiport --sports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3243+-A ufw-user-input -p udp -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
3244+-A ufw-user-input -p udp -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3245 -A ufw-user-input -p udp -m multiport --sports 137,138 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
3246
3247 ### tuple ### limit tcp any 0.0.0.0/0 139,445 0.0.0.0/0 - Samba in
3248--A ufw-user-input -p tcp -m multiport --sports 139,445 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
3249--A ufw-user-input -p tcp -m multiport --sports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3250+-A ufw-user-input -p tcp -m multiport --sports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
3251+-A ufw-user-input -p tcp -m multiport --sports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3252 -A ufw-user-input -p tcp -m multiport --sports 139,445 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
3253
3254 ### END RULES ###
3255@@ -9283,7 +9283,7 @@ COMMIT
3256 ### LOGGING ###
3257 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3258 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3259--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3260+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3261 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3262 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3263 ### END LOGGING ###
3264@@ -9319,8 +9319,8 @@ WARN: Checks disabled
3265 ### RULES ###
3266
3267 ### tuple ### limit udp any 0.0.0.0/0 123 0.0.0.0/0 - OpenNTPD in
3268--A ufw-user-input -p udp --sport 123 -m state --state NEW -m recent --set -m comment --comment 'sapp_OpenNTPD'
3269--A ufw-user-input -p udp --sport 123 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_OpenNTPD'
3270+-A ufw-user-input -p udp --sport 123 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_OpenNTPD'
3271+-A ufw-user-input -p udp --sport 123 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_OpenNTPD'
3272 -A ufw-user-input -p udp --sport 123 -j ufw-user-limit-accept -m comment --comment 'sapp_OpenNTPD'
3273
3274 ### END RULES ###
3275@@ -9328,7 +9328,7 @@ WARN: Checks disabled
3276 ### LOGGING ###
3277 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3278 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3279--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3280+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3281 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3282 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3283 ### END LOGGING ###
3284@@ -9364,8 +9364,8 @@ WARN: Checks disabled
3285 ### RULES ###
3286
3287 ### tuple ### limit tcp any 0.0.0.0/0 1234,5678 0.0.0.0/0 - Multi%20TCP in
3288--A ufw-user-input -p tcp -m multiport --sports 1234,5678 -m state --state NEW -m recent --set -m comment --comment 'sapp_Multi%20TCP'
3289--A ufw-user-input -p tcp -m multiport --sports 1234,5678 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Multi%20TCP'
3290+-A ufw-user-input -p tcp -m multiport --sports 1234,5678 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Multi%20TCP'
3291+-A ufw-user-input -p tcp -m multiport --sports 1234,5678 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Multi%20TCP'
3292 -A ufw-user-input -p tcp -m multiport --sports 1234,5678 -j ufw-user-limit-accept -m comment --comment 'sapp_Multi%20TCP'
3293
3294 ### END RULES ###
3295@@ -9373,7 +9373,7 @@ WARN: Checks disabled
3296 ### LOGGING ###
3297 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3298 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3299--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3300+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3301 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3302 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3303 ### END LOGGING ###
3304@@ -9409,8 +9409,8 @@ WARN: Checks disabled
3305 ### RULES ###
3306
3307 ### tuple ### limit udp any 0.0.0.0/0 1234,5678 0.0.0.0/0 - Multi%20UDP in
3308--A ufw-user-input -p udp -m multiport --sports 1234,5678 -m state --state NEW -m recent --set -m comment --comment 'sapp_Multi%20UDP'
3309--A ufw-user-input -p udp -m multiport --sports 1234,5678 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Multi%20UDP'
3310+-A ufw-user-input -p udp -m multiport --sports 1234,5678 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Multi%20UDP'
3311+-A ufw-user-input -p udp -m multiport --sports 1234,5678 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Multi%20UDP'
3312 -A ufw-user-input -p udp -m multiport --sports 1234,5678 -j ufw-user-limit-accept -m comment --comment 'sapp_Multi%20UDP'
3313
3314 ### END RULES ###
3315@@ -9418,7 +9418,7 @@ WARN: Checks disabled
3316 ### LOGGING ###
3317 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3318 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3319--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3320+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3321 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3322 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3323 ### END LOGGING ###
3324@@ -9454,8 +9454,8 @@ WARN: Checks disabled
3325 ### RULES ###
3326
3327 ### tuple ### limit tcp 8080 192.168.0.2 80 192.168.0.1 - Apache in
3328--A ufw-user-input -p tcp -d 192.168.0.2 --dport 8080 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set -m comment --comment 'sapp_Apache'
3329--A ufw-user-input -p tcp -d 192.168.0.2 --dport 8080 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache'
3330+-A ufw-user-input -p tcp -d 192.168.0.2 --dport 8080 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Apache'
3331+-A ufw-user-input -p tcp -d 192.168.0.2 --dport 8080 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache'
3332 -A ufw-user-input -p tcp -d 192.168.0.2 --dport 8080 -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept -m comment --comment 'sapp_Apache'
3333
3334 ### END RULES ###
3335@@ -9463,7 +9463,7 @@ WARN: Checks disabled
3336 ### LOGGING ###
3337 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3338 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3339--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3340+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3341 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3342 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3343 ### END LOGGING ###
3344@@ -9499,8 +9499,8 @@ WARN: Checks disabled
3345 ### RULES ###
3346
3347 ### tuple ### limit udp 10123 192.168.0.2 123 192.168.0.1 - OpenNTPD in
3348--A ufw-user-input -p udp -d 192.168.0.2 --dport 10123 -s 192.168.0.1 --sport 123 -m state --state NEW -m recent --set -m comment --comment 'sapp_OpenNTPD'
3349--A ufw-user-input -p udp -d 192.168.0.2 --dport 10123 -s 192.168.0.1 --sport 123 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_OpenNTPD'
3350+-A ufw-user-input -p udp -d 192.168.0.2 --dport 10123 -s 192.168.0.1 --sport 123 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_OpenNTPD'
3351+-A ufw-user-input -p udp -d 192.168.0.2 --dport 10123 -s 192.168.0.1 --sport 123 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_OpenNTPD'
3352 -A ufw-user-input -p udp -d 192.168.0.2 --dport 10123 -s 192.168.0.1 --sport 123 -j ufw-user-limit-accept -m comment --comment 'sapp_OpenNTPD'
3353
3354 ### END RULES ###
3355@@ -9508,7 +9508,7 @@ WARN: Checks disabled
3356 ### LOGGING ###
3357 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3358 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3359--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3360+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3361 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3362 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3363 ### END LOGGING ###
3364@@ -9544,8 +9544,8 @@ WARN: Checks disabled
3365 ### RULES ###
3366
3367 ### tuple ### limit udp 53 192.168.0.2 137,138 192.168.0.1 Bind9 Samba in
3368--A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Bind9,sapp_Samba'
3369--A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9,sapp_Samba'
3370+-A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Bind9,sapp_Samba'
3371+-A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9,sapp_Samba'
3372 -A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Bind9,sapp_Samba'
3373
3374 ### END RULES ###
3375@@ -9553,7 +9553,7 @@ WARN: Checks disabled
3376 ### LOGGING ###
3377 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3378 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3379--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3380+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3381 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3382 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3383 ### END LOGGING ###
3384@@ -9584,13 +9584,13 @@ COMMIT
3385 ### RULES ###
3386
3387 ### tuple ### limit udp 53 192.168.0.2 137,138 192.168.0.1 Bind9 Samba in
3388--A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Bind9,sapp_Samba'
3389--A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9,sapp_Samba'
3390+-A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Bind9,sapp_Samba'
3391+-A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9,sapp_Samba'
3392 -A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Bind9,sapp_Samba'
3393
3394 ### tuple ### limit tcp 53 192.168.0.2 139,445 192.168.0.1 Bind9 Samba in
3395--A ufw-user-input -p tcp -m multiport --dports 53 -m multiport --sports 139,445 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Bind9,sapp_Samba'
3396--A ufw-user-input -p tcp -m multiport --dports 53 -m multiport --sports 139,445 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9,sapp_Samba'
3397+-A ufw-user-input -p tcp -m multiport --dports 53 -m multiport --sports 139,445 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Bind9,sapp_Samba'
3398+-A ufw-user-input -p tcp -m multiport --dports 53 -m multiport --sports 139,445 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9,sapp_Samba'
3399 -A ufw-user-input -p tcp -m multiport --dports 53 -m multiport --sports 139,445 -d 192.168.0.2 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Bind9,sapp_Samba'
3400
3401 ### END RULES ###
3402@@ -9598,7 +9598,7 @@ COMMIT
3403 ### LOGGING ###
3404 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3405 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3406--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3407+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3408 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3409 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3410 ### END LOGGING ###
3411@@ -9634,8 +9634,8 @@ WARN: Checks disabled
3412 ### RULES ###
3413
3414 ### tuple ### limit udp 22 192.168.0.2 137,138 192.168.0.1 - Samba in
3415--A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
3416--A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3417+-A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
3418+-A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3419 -A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
3420
3421 ### END RULES ###
3422@@ -9643,7 +9643,7 @@ WARN: Checks disabled
3423 ### LOGGING ###
3424 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3425 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3426--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3427+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3428 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3429 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3430 ### END LOGGING ###
3431@@ -9674,13 +9674,13 @@ COMMIT
3432 ### RULES ###
3433
3434 ### tuple ### limit udp 22 192.168.0.2 137,138 192.168.0.1 - Samba in
3435--A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
3436--A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3437+-A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
3438+-A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3439 -A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -d 192.168.0.2 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
3440
3441 ### tuple ### limit tcp 22 192.168.0.2 139,445 192.168.0.1 - Samba in
3442--A ufw-user-input -p tcp -m multiport --dports 22 -m multiport --sports 139,445 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
3443--A ufw-user-input -p tcp -m multiport --dports 22 -m multiport --sports 139,445 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3444+-A ufw-user-input -p tcp -m multiport --dports 22 -m multiport --sports 139,445 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
3445+-A ufw-user-input -p tcp -m multiport --dports 22 -m multiport --sports 139,445 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3446 -A ufw-user-input -p tcp -m multiport --dports 22 -m multiport --sports 139,445 -d 192.168.0.2 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
3447
3448 ### END RULES ###
3449@@ -9688,7 +9688,7 @@ COMMIT
3450 ### LOGGING ###
3451 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3452 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3453--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3454+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3455 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3456 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3457 ### END LOGGING ###
3458@@ -9724,8 +9724,8 @@ WARN: Checks disabled
3459 ### RULES ###
3460
3461 ### tuple ### limit tcp 80,443 192.168.0.2 80 192.168.0.1 Apache%20Full Apache in
3462--A ufw-user-input -p tcp -m multiport --dports 80,443 -m multiport --sports 80 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache%20Full,sapp_Apache'
3463--A ufw-user-input -p tcp -m multiport --dports 80,443 -m multiport --sports 80 -d 192.168.0.2 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Full,sapp_Apache'
3464+-A ufw-user-input -p tcp -m multiport --dports 80,443 -m multiport --sports 80 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache%20Full,sapp_Apache'
3465+-A ufw-user-input -p tcp -m multiport --dports 80,443 -m multiport --sports 80 -d 192.168.0.2 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Full,sapp_Apache'
3466 -A ufw-user-input -p tcp -m multiport --dports 80,443 -m multiport --sports 80 -d 192.168.0.2 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache%20Full,sapp_Apache'
3467
3468 ### END RULES ###
3469@@ -9733,7 +9733,7 @@ WARN: Checks disabled
3470 ### LOGGING ###
3471 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3472 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3473--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3474+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3475 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3476 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3477 ### END LOGGING ###
3478@@ -9769,8 +9769,8 @@ WARN: Checks disabled
3479 ### RULES ###
3480
3481 ### tuple ### limit tcp 80 192.168.0.1 8080 192.168.0.2 Apache - in
3482--A ufw-user-input -p tcp -d 192.168.0.1 --dport 80 -s 192.168.0.2 --sport 8080 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache'
3483--A ufw-user-input -p tcp -d 192.168.0.1 --dport 80 -s 192.168.0.2 --sport 8080 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
3484+-A ufw-user-input -p tcp -d 192.168.0.1 --dport 80 -s 192.168.0.2 --sport 8080 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache'
3485+-A ufw-user-input -p tcp -d 192.168.0.1 --dport 80 -s 192.168.0.2 --sport 8080 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
3486 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 80 -s 192.168.0.2 --sport 8080 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache'
3487
3488 ### END RULES ###
3489@@ -9778,7 +9778,7 @@ WARN: Checks disabled
3490 ### LOGGING ###
3491 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3492 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3493--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3494+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3495 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3496 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3497 ### END LOGGING ###
3498@@ -9814,8 +9814,8 @@ WARN: Checks disabled
3499 ### RULES ###
3500
3501 ### tuple ### limit udp 123 192.168.0.1 10123 192.168.0.2 OpenNTPD - in
3502--A ufw-user-input -p udp -d 192.168.0.1 --dport 123 -s 192.168.0.2 --sport 10123 -m state --state NEW -m recent --set -m comment --comment 'dapp_OpenNTPD'
3503--A ufw-user-input -p udp -d 192.168.0.1 --dport 123 -s 192.168.0.2 --sport 10123 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_OpenNTPD'
3504+-A ufw-user-input -p udp -d 192.168.0.1 --dport 123 -s 192.168.0.2 --sport 10123 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_OpenNTPD'
3505+-A ufw-user-input -p udp -d 192.168.0.1 --dport 123 -s 192.168.0.2 --sport 10123 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_OpenNTPD'
3506 -A ufw-user-input -p udp -d 192.168.0.1 --dport 123 -s 192.168.0.2 --sport 10123 -j ufw-user-limit-accept -m comment --comment 'dapp_OpenNTPD'
3507
3508 ### END RULES ###
3509@@ -9823,7 +9823,7 @@ WARN: Checks disabled
3510 ### LOGGING ###
3511 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3512 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3513--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3514+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3515 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3516 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3517 ### END LOGGING ###
3518@@ -9859,8 +9859,8 @@ WARN: Checks disabled
3519 ### RULES ###
3520
3521 ### tuple ### limit udp 137,138 192.168.0.1 53 192.168.0.2 Samba Bind9 in
3522--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Bind9'
3523--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Bind9'
3524+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Bind9'
3525+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Bind9'
3526 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Bind9'
3527
3528 ### END RULES ###
3529@@ -9868,7 +9868,7 @@ WARN: Checks disabled
3530 ### LOGGING ###
3531 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3532 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3533--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3534+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3535 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3536 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3537 ### END LOGGING ###
3538@@ -9899,13 +9899,13 @@ COMMIT
3539 ### RULES ###
3540
3541 ### tuple ### limit udp 137,138 192.168.0.1 53 192.168.0.2 Samba Bind9 in
3542--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Bind9'
3543--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Bind9'
3544+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Bind9'
3545+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Bind9'
3546 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Bind9'
3547
3548 ### tuple ### limit tcp 139,445 192.168.0.1 53 192.168.0.2 Samba Bind9 in
3549--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Bind9'
3550--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Bind9'
3551+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Bind9'
3552+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Bind9'
3553 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 53 -d 192.168.0.1 -s 192.168.0.2 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Bind9'
3554
3555 ### END RULES ###
3556@@ -9913,7 +9913,7 @@ COMMIT
3557 ### LOGGING ###
3558 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3559 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3560--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3561+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3562 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3563 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3564 ### END LOGGING ###
3565@@ -9949,8 +9949,8 @@ WARN: Checks disabled
3566 ### RULES ###
3567
3568 ### tuple ### limit udp 137,138 192.168.0.1 22 192.168.0.2 Samba - in
3569--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
3570--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
3571+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
3572+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
3573 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
3574
3575 ### END RULES ###
3576@@ -9958,7 +9958,7 @@ WARN: Checks disabled
3577 ### LOGGING ###
3578 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3579 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3580--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3581+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3582 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3583 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3584 ### END LOGGING ###
3585@@ -9989,13 +9989,13 @@ COMMIT
3586 ### RULES ###
3587
3588 ### tuple ### limit udp 137,138 192.168.0.1 22 192.168.0.2 Samba - in
3589--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
3590--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
3591+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
3592+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
3593 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
3594
3595 ### tuple ### limit tcp 139,445 192.168.0.1 22 192.168.0.2 Samba - in
3596--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
3597--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
3598+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
3599+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
3600 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 22 -d 192.168.0.1 -s 192.168.0.2 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
3601
3602 ### END RULES ###
3603@@ -10003,7 +10003,7 @@ COMMIT
3604 ### LOGGING ###
3605 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3606 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3607--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3608+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3609 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3610 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3611 ### END LOGGING ###
3612@@ -10039,8 +10039,8 @@ WARN: Checks disabled
3613 ### RULES ###
3614
3615 ### tuple ### limit tcp 80 192.168.0.1 80,443 192.168.0.2 Apache Apache%20Full in
3616--A ufw-user-input -p tcp -m multiport --dports 80 -m multiport --sports 80,443 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache,sapp_Apache%20Full'
3617--A ufw-user-input -p tcp -m multiport --dports 80 -m multiport --sports 80,443 -d 192.168.0.1 -s 192.168.0.2 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache,sapp_Apache%20Full'
3618+-A ufw-user-input -p tcp -m multiport --dports 80 -m multiport --sports 80,443 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache,sapp_Apache%20Full'
3619+-A ufw-user-input -p tcp -m multiport --dports 80 -m multiport --sports 80,443 -d 192.168.0.1 -s 192.168.0.2 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache,sapp_Apache%20Full'
3620 -A ufw-user-input -p tcp -m multiport --dports 80 -m multiport --sports 80,443 -d 192.168.0.1 -s 192.168.0.2 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache,sapp_Apache%20Full'
3621
3622 ### END RULES ###
3623@@ -10048,7 +10048,7 @@ WARN: Checks disabled
3624 ### LOGGING ###
3625 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3626 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3627--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3628+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3629 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3630 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3631 ### END LOGGING ###
3632@@ -10084,8 +10084,8 @@ WARN: Checks disabled
3633 ### RULES ###
3634
3635 ### tuple ### limit udp 137,138 192.168.0.1 137,138 192.168.0.1 Samba Samba in
3636--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 192.168.0.1 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
3637--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 192.168.0.1 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
3638+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 192.168.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
3639+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 192.168.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
3640 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 192.168.0.1 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Samba'
3641
3642 ### END RULES ###
3643@@ -10093,7 +10093,7 @@ WARN: Checks disabled
3644 ### LOGGING ###
3645 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3646 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3647--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3648+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3649 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3650 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3651 ### END LOGGING ###
3652@@ -10124,13 +10124,13 @@ COMMIT
3653 ### RULES ###
3654
3655 ### tuple ### limit udp 137,138 192.168.0.1 137,138 192.168.0.1 Samba Samba in
3656--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 192.168.0.1 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
3657--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 192.168.0.1 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
3658+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 192.168.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
3659+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 192.168.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
3660 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 192.168.0.1 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Samba'
3661
3662 ### tuple ### limit tcp 139,445 192.168.0.1 139,445 192.168.0.1 Samba Samba in
3663--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 192.168.0.1 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
3664--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 192.168.0.1 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
3665+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 192.168.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
3666+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 192.168.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
3667 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 192.168.0.1 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Samba'
3668
3669 ### END RULES ###
3670@@ -10138,7 +10138,7 @@ COMMIT
3671 ### LOGGING ###
3672 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3673 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3674--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3675+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3676 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3677 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3678 ### END LOGGING ###
3679@@ -10174,8 +10174,8 @@ WARN: Checks disabled
3680 ### RULES ###
3681
3682 ### tuple ### limit tcp 8080 0.0.0.0/0 80 0.0.0.0/0 - Apache in
3683--A ufw-user-input -p tcp --dport 8080 --sport 80 -m state --state NEW -m recent --set -m comment --comment 'sapp_Apache'
3684--A ufw-user-input -p tcp --dport 8080 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache'
3685+-A ufw-user-input -p tcp --dport 8080 --sport 80 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Apache'
3686+-A ufw-user-input -p tcp --dport 8080 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Apache'
3687 -A ufw-user-input -p tcp --dport 8080 --sport 80 -j ufw-user-limit-accept -m comment --comment 'sapp_Apache'
3688
3689 ### END RULES ###
3690@@ -10183,7 +10183,7 @@ WARN: Checks disabled
3691 ### LOGGING ###
3692 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3693 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3694--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3695+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3696 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3697 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3698 ### END LOGGING ###
3699@@ -10219,8 +10219,8 @@ WARN: Checks disabled
3700 ### RULES ###
3701
3702 ### tuple ### limit udp 10123 0.0.0.0/0 123 0.0.0.0/0 - OpenNTPD in
3703--A ufw-user-input -p udp --dport 10123 --sport 123 -m state --state NEW -m recent --set -m comment --comment 'sapp_OpenNTPD'
3704--A ufw-user-input -p udp --dport 10123 --sport 123 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_OpenNTPD'
3705+-A ufw-user-input -p udp --dport 10123 --sport 123 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_OpenNTPD'
3706+-A ufw-user-input -p udp --dport 10123 --sport 123 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_OpenNTPD'
3707 -A ufw-user-input -p udp --dport 10123 --sport 123 -j ufw-user-limit-accept -m comment --comment 'sapp_OpenNTPD'
3708
3709 ### END RULES ###
3710@@ -10228,7 +10228,7 @@ WARN: Checks disabled
3711 ### LOGGING ###
3712 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3713 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3714--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3715+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3716 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3717 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3718 ### END LOGGING ###
3719@@ -10264,8 +10264,8 @@ WARN: Checks disabled
3720 ### RULES ###
3721
3722 ### tuple ### limit udp 53 0.0.0.0/0 137,138 0.0.0.0/0 Bind9 Samba in
3723--A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Bind9,sapp_Samba'
3724--A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9,sapp_Samba'
3725+-A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Bind9,sapp_Samba'
3726+-A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9,sapp_Samba'
3727 -A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Bind9,sapp_Samba'
3728
3729 ### END RULES ###
3730@@ -10273,7 +10273,7 @@ WARN: Checks disabled
3731 ### LOGGING ###
3732 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3733 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3734--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3735+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3736 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3737 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3738 ### END LOGGING ###
3739@@ -10304,13 +10304,13 @@ COMMIT
3740 ### RULES ###
3741
3742 ### tuple ### limit udp 53 0.0.0.0/0 137,138 0.0.0.0/0 Bind9 Samba in
3743--A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Bind9,sapp_Samba'
3744--A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9,sapp_Samba'
3745+-A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Bind9,sapp_Samba'
3746+-A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9,sapp_Samba'
3747 -A ufw-user-input -p udp -m multiport --dports 53 -m multiport --sports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Bind9,sapp_Samba'
3748
3749 ### tuple ### limit tcp 53 0.0.0.0/0 139,445 0.0.0.0/0 Bind9 Samba in
3750--A ufw-user-input -p tcp -m multiport --dports 53 -m multiport --sports 139,445 -m state --state NEW -m recent --set -m comment --comment 'dapp_Bind9,sapp_Samba'
3751--A ufw-user-input -p tcp -m multiport --dports 53 -m multiport --sports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9,sapp_Samba'
3752+-A ufw-user-input -p tcp -m multiport --dports 53 -m multiport --sports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Bind9,sapp_Samba'
3753+-A ufw-user-input -p tcp -m multiport --dports 53 -m multiport --sports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Bind9,sapp_Samba'
3754 -A ufw-user-input -p tcp -m multiport --dports 53 -m multiport --sports 139,445 -j ufw-user-limit-accept -m comment --comment 'dapp_Bind9,sapp_Samba'
3755
3756 ### END RULES ###
3757@@ -10318,7 +10318,7 @@ COMMIT
3758 ### LOGGING ###
3759 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3760 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3761--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3762+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3763 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3764 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3765 ### END LOGGING ###
3766@@ -10354,8 +10354,8 @@ WARN: Checks disabled
3767 ### RULES ###
3768
3769 ### tuple ### limit udp 22 0.0.0.0/0 137,138 0.0.0.0/0 - Samba in
3770--A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
3771--A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3772+-A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
3773+-A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3774 -A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
3775
3776 ### END RULES ###
3777@@ -10363,7 +10363,7 @@ WARN: Checks disabled
3778 ### LOGGING ###
3779 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3780 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3781--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3782+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3783 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3784 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3785 ### END LOGGING ###
3786@@ -10394,13 +10394,13 @@ COMMIT
3787 ### RULES ###
3788
3789 ### tuple ### limit udp 22 0.0.0.0/0 137,138 0.0.0.0/0 - Samba in
3790--A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
3791--A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3792+-A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
3793+-A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3794 -A ufw-user-input -p udp -m multiport --dports 22 -m multiport --sports 137,138 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
3795
3796 ### tuple ### limit tcp 22 0.0.0.0/0 139,445 0.0.0.0/0 - Samba in
3797--A ufw-user-input -p tcp -m multiport --dports 22 -m multiport --sports 139,445 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
3798--A ufw-user-input -p tcp -m multiport --dports 22 -m multiport --sports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3799+-A ufw-user-input -p tcp -m multiport --dports 22 -m multiport --sports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
3800+-A ufw-user-input -p tcp -m multiport --dports 22 -m multiport --sports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
3801 -A ufw-user-input -p tcp -m multiport --dports 22 -m multiport --sports 139,445 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
3802
3803 ### END RULES ###
3804@@ -10408,7 +10408,7 @@ COMMIT
3805 ### LOGGING ###
3806 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3807 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3808--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3809+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3810 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3811 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3812 ### END LOGGING ###
3813@@ -10444,8 +10444,8 @@ WARN: Checks disabled
3814 ### RULES ###
3815
3816 ### tuple ### limit tcp 80,443 0.0.0.0/0 80 0.0.0.0/0 Apache%20Full Apache in
3817--A ufw-user-input -p tcp -m multiport --dports 80,443 -m multiport --sports 80 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache%20Full,sapp_Apache'
3818--A ufw-user-input -p tcp -m multiport --dports 80,443 -m multiport --sports 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Full,sapp_Apache'
3819+-A ufw-user-input -p tcp -m multiport --dports 80,443 -m multiport --sports 80 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache%20Full,sapp_Apache'
3820+-A ufw-user-input -p tcp -m multiport --dports 80,443 -m multiport --sports 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache%20Full,sapp_Apache'
3821 -A ufw-user-input -p tcp -m multiport --dports 80,443 -m multiport --sports 80 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache%20Full,sapp_Apache'
3822
3823 ### END RULES ###
3824@@ -10453,7 +10453,7 @@ WARN: Checks disabled
3825 ### LOGGING ###
3826 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3827 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3828--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3829+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3830 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3831 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3832 ### END LOGGING ###
3833@@ -10489,8 +10489,8 @@ WARN: Checks disabled
3834 ### RULES ###
3835
3836 ### tuple ### limit tcp 80 0.0.0.0/0 8080 0.0.0.0/0 Apache - in
3837--A ufw-user-input -p tcp --dport 80 --sport 8080 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache'
3838--A ufw-user-input -p tcp --dport 80 --sport 8080 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
3839+-A ufw-user-input -p tcp --dport 80 --sport 8080 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache'
3840+-A ufw-user-input -p tcp --dport 80 --sport 8080 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
3841 -A ufw-user-input -p tcp --dport 80 --sport 8080 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache'
3842
3843 ### END RULES ###
3844@@ -10498,7 +10498,7 @@ WARN: Checks disabled
3845 ### LOGGING ###
3846 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3847 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3848--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3849+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3850 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3851 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3852 ### END LOGGING ###
3853@@ -10534,8 +10534,8 @@ WARN: Checks disabled
3854 ### RULES ###
3855
3856 ### tuple ### limit udp 123 0.0.0.0/0 10123 0.0.0.0/0 OpenNTPD - in
3857--A ufw-user-input -p udp --dport 123 --sport 10123 -m state --state NEW -m recent --set -m comment --comment 'dapp_OpenNTPD'
3858--A ufw-user-input -p udp --dport 123 --sport 10123 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_OpenNTPD'
3859+-A ufw-user-input -p udp --dport 123 --sport 10123 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_OpenNTPD'
3860+-A ufw-user-input -p udp --dport 123 --sport 10123 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_OpenNTPD'
3861 -A ufw-user-input -p udp --dport 123 --sport 10123 -j ufw-user-limit-accept -m comment --comment 'dapp_OpenNTPD'
3862
3863 ### END RULES ###
3864@@ -10543,7 +10543,7 @@ WARN: Checks disabled
3865 ### LOGGING ###
3866 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3867 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3868--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3869+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3870 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3871 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3872 ### END LOGGING ###
3873@@ -10579,8 +10579,8 @@ WARN: Checks disabled
3874 ### RULES ###
3875
3876 ### tuple ### limit udp 137,138 0.0.0.0/0 53 0.0.0.0/0 Samba Bind9 in
3877--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Bind9'
3878--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Bind9'
3879+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Bind9'
3880+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Bind9'
3881 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Bind9'
3882
3883 ### END RULES ###
3884@@ -10588,7 +10588,7 @@ WARN: Checks disabled
3885 ### LOGGING ###
3886 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3887 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3888--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3889+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3890 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3891 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3892 ### END LOGGING ###
3893@@ -10619,13 +10619,13 @@ COMMIT
3894 ### RULES ###
3895
3896 ### tuple ### limit udp 137,138 0.0.0.0/0 53 0.0.0.0/0 Samba Bind9 in
3897--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Bind9'
3898--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Bind9'
3899+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Bind9'
3900+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Bind9'
3901 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 53 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Bind9'
3902
3903 ### tuple ### limit tcp 139,445 0.0.0.0/0 53 0.0.0.0/0 Samba Bind9 in
3904--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 53 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Bind9'
3905--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 53 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Bind9'
3906+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 53 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Bind9'
3907+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 53 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Bind9'
3908 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 53 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Bind9'
3909
3910 ### END RULES ###
3911@@ -10633,7 +10633,7 @@ COMMIT
3912 ### LOGGING ###
3913 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3914 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3915--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3916+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3917 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3918 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3919 ### END LOGGING ###
3920@@ -10669,8 +10669,8 @@ WARN: Checks disabled
3921 ### RULES ###
3922
3923 ### tuple ### limit udp 137,138 0.0.0.0/0 22 0.0.0.0/0 Samba - in
3924--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
3925--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
3926+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
3927+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
3928 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
3929
3930 ### END RULES ###
3931@@ -10678,7 +10678,7 @@ WARN: Checks disabled
3932 ### LOGGING ###
3933 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3934 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3935--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3936+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3937 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3938 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3939 ### END LOGGING ###
3940@@ -10709,13 +10709,13 @@ COMMIT
3941 ### RULES ###
3942
3943 ### tuple ### limit udp 137,138 0.0.0.0/0 22 0.0.0.0/0 Samba - in
3944--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
3945--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
3946+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
3947+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
3948 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 22 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
3949
3950 ### tuple ### limit tcp 139,445 0.0.0.0/0 22 0.0.0.0/0 Samba - in
3951--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 22 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
3952--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
3953+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 22 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
3954+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
3955 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 22 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
3956
3957 ### END RULES ###
3958@@ -10723,7 +10723,7 @@ COMMIT
3959 ### LOGGING ###
3960 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3961 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3962--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3963+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3964 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3965 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3966 ### END LOGGING ###
3967@@ -10759,8 +10759,8 @@ WARN: Checks disabled
3968 ### RULES ###
3969
3970 ### tuple ### limit tcp 80 0.0.0.0/0 80,443 0.0.0.0/0 Apache Apache%20Full in
3971--A ufw-user-input -p tcp -m multiport --dports 80 -m multiport --sports 80,443 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache,sapp_Apache%20Full'
3972--A ufw-user-input -p tcp -m multiport --dports 80 -m multiport --sports 80,443 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache,sapp_Apache%20Full'
3973+-A ufw-user-input -p tcp -m multiport --dports 80 -m multiport --sports 80,443 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache,sapp_Apache%20Full'
3974+-A ufw-user-input -p tcp -m multiport --dports 80 -m multiport --sports 80,443 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache,sapp_Apache%20Full'
3975 -A ufw-user-input -p tcp -m multiport --dports 80 -m multiport --sports 80,443 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache,sapp_Apache%20Full'
3976
3977 ### END RULES ###
3978@@ -10768,7 +10768,7 @@ WARN: Checks disabled
3979 ### LOGGING ###
3980 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3981 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3982--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3983+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
3984 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
3985 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
3986 ### END LOGGING ###
3987@@ -10804,8 +10804,8 @@ WARN: Checks disabled
3988 ### RULES ###
3989
3990 ### tuple ### limit udp 137,138 0.0.0.0/0 137,138 0.0.0.0/0 Samba Samba in
3991--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
3992--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
3993+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
3994+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
3995 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Samba'
3996
3997 ### END RULES ###
3998@@ -10813,7 +10813,7 @@ WARN: Checks disabled
3999 ### LOGGING ###
4000 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4001 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4002--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4003+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4004 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4005 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4006 ### END LOGGING ###
4007@@ -10844,13 +10844,13 @@ COMMIT
4008 ### RULES ###
4009
4010 ### tuple ### limit udp 137,138 0.0.0.0/0 137,138 0.0.0.0/0 Samba Samba in
4011--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
4012--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
4013+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
4014+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
4015 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Samba'
4016
4017 ### tuple ### limit tcp 139,445 0.0.0.0/0 139,445 0.0.0.0/0 Samba Samba in
4018--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
4019--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
4020+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
4021+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
4022 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Samba'
4023
4024 ### END RULES ###
4025@@ -10858,7 +10858,7 @@ COMMIT
4026 ### LOGGING ###
4027 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4028 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4029--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4030+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4031 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4032 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4033 ### END LOGGING ###
4034@@ -10902,7 +10902,7 @@ WARN: Checks disabled
4035 ### LOGGING ###
4036 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4037 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4038--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4039+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4040 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4041 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4042 ### END LOGGING ###
4043@@ -10945,7 +10945,7 @@ WARN: Checks disabled
4044 ### LOGGING ###
4045 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4046 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4047--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4048+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4049 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4050 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4051 ### END LOGGING ###
4052@@ -10994,7 +10994,7 @@ WARN: Checks disabled
4053 ### LOGGING ###
4054 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4055 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4056--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4057+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4058 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4059 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4060 ### END LOGGING ###
4061@@ -11042,7 +11042,7 @@ WARN: Checks disabled
4062 ### LOGGING ###
4063 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4064 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4065--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4066+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4067 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4068 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4069 ### END LOGGING ###
4070@@ -11083,7 +11083,7 @@ COMMIT
4071 ### LOGGING ###
4072 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4073 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4074--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4075+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4076 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4077 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4078 ### END LOGGING ###
4079@@ -11140,7 +11140,7 @@ WARN: Checks disabled
4080 ### LOGGING ###
4081 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4082 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4083--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4084+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4085 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4086 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4087 ### END LOGGING ###
4088@@ -11181,7 +11181,7 @@ COMMIT
4089 ### LOGGING ###
4090 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4091 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4092--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4093+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4094 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4095 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4096 ### END LOGGING ###
4097@@ -11252,7 +11252,7 @@ TESTING INSERT
4098 ### LOGGING ###
4099 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4100 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4101--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4102+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4103 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4104 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4105 ### END LOGGING ###
4106@@ -11299,7 +11299,7 @@ COMMIT
4107 ### LOGGING ###
4108 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4109 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4110--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4111+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4112 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4113 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4114 ### END LOGGING ###
4115@@ -11389,7 +11389,7 @@ COMMIT
4116 ### LOGGING ###
4117 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4118 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4119--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4120+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4121 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4122 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4123 ### END LOGGING ###
4124@@ -11445,7 +11445,7 @@ COMMIT
4125 ### LOGGING ###
4126 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4127 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4128--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4129+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4130 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4131 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4132 ### END LOGGING ###
4133@@ -11508,7 +11508,7 @@ TESTING APPLICATION INTEGRATION (interfaces)
4134 ### LOGGING ###
4135 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4136 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4137--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4138+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4139 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4140 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4141 ### END LOGGING ###
4142@@ -11552,7 +11552,7 @@ COMMIT
4143 ### LOGGING ###
4144 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4145 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4146--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4147+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4148 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4149 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4150 ### END LOGGING ###
4151@@ -11614,7 +11614,7 @@ COMMIT
4152 ### LOGGING ###
4153 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4154 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4155--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4156+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4157 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4158 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4159 ### END LOGGING ###
4160@@ -11658,7 +11658,7 @@ COMMIT
4161 ### LOGGING ###
4162 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4163 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4164--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4165+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4166 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4167 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4168 ### END LOGGING ###
4169@@ -11698,33 +11698,33 @@ COMMIT
4170 ### RULES ###
4171
4172 ### tuple ### limit udp 137,138 192.168.0.1 any 0.0.0.0/0 Samba - in_eth0
4173--A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
4174--A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4175+-A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
4176+-A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4177 -A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
4178
4179 ### tuple ### limit tcp 139,445 192.168.0.1 any 0.0.0.0/0 Samba - in_eth0
4180--A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
4181--A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4182+-A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
4183+-A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4184 -A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
4185
4186 ### tuple ### limit udp any 0.0.0.0/0 137,138 10.0.0.1 - Samba in_eth0
4187--A ufw-user-input -i eth0 -p udp -m multiport --sports 137,138 -s 10.0.0.1 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
4188--A ufw-user-input -i eth0 -p udp -m multiport --sports 137,138 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
4189+-A ufw-user-input -i eth0 -p udp -m multiport --sports 137,138 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
4190+-A ufw-user-input -i eth0 -p udp -m multiport --sports 137,138 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
4191 -A ufw-user-input -i eth0 -p udp -m multiport --sports 137,138 -s 10.0.0.1 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
4192
4193 ### tuple ### limit tcp any 0.0.0.0/0 139,445 10.0.0.1 - Samba in_eth0
4194--A ufw-user-input -i eth0 -p tcp -m multiport --sports 139,445 -s 10.0.0.1 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
4195--A ufw-user-input -i eth0 -p tcp -m multiport --sports 139,445 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
4196+-A ufw-user-input -i eth0 -p tcp -m multiport --sports 139,445 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
4197+-A ufw-user-input -i eth0 -p tcp -m multiport --sports 139,445 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
4198 -A ufw-user-input -i eth0 -p tcp -m multiport --sports 139,445 -s 10.0.0.1 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
4199
4200 ### tuple ### limit udp 137,138 0.0.0.0/0 any 10.0.0.1 Samba - in_eth0
4201--A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
4202--A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4203+-A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
4204+-A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4205 -A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
4206
4207 ### tuple ### limit tcp 139,445 0.0.0.0/0 any 10.0.0.1 Samba - in_eth0
4208--A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
4209--A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4210+-A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
4211+-A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4212 -A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
4213
4214 ### END RULES ###
4215@@ -11732,7 +11732,7 @@ COMMIT
4216 ### LOGGING ###
4217 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4218 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4219--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4220+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4221 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4222 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4223 ### END LOGGING ###
4224@@ -11776,7 +11776,7 @@ COMMIT
4225 ### LOGGING ###
4226 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4227 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4228--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4229+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4230 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4231 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4232 ### END LOGGING ###
4233@@ -11838,7 +11838,7 @@ COMMIT
4234 ### LOGGING ###
4235 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4236 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4237--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4238+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4239 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4240 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4241 ### END LOGGING ###
4242@@ -11882,7 +11882,7 @@ COMMIT
4243 ### LOGGING ###
4244 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4245 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4246--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4247+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4248 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4249 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4250 ### END LOGGING ###
4251@@ -11942,7 +11942,7 @@ COMMIT
4252 ### LOGGING ###
4253 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4254 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4255--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4256+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4257 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4258 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4259 ### END LOGGING ###
4260@@ -11986,7 +11986,7 @@ COMMIT
4261 ### LOGGING ###
4262 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4263 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4264--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4265+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4266 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4267 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4268 ### END LOGGING ###
4269@@ -12048,7 +12048,7 @@ COMMIT
4270 ### LOGGING ###
4271 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4272 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4273--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4274+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4275 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4276 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4277 ### END LOGGING ###
4278@@ -12092,7 +12092,7 @@ COMMIT
4279 ### LOGGING ###
4280 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4281 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4282--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4283+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4284 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4285 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4286 ### END LOGGING ###
4287@@ -12154,7 +12154,7 @@ COMMIT
4288 ### LOGGING ###
4289 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4290 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4291--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4292+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4293 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4294 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4295 ### END LOGGING ###
4296@@ -12198,7 +12198,7 @@ COMMIT
4297 ### LOGGING ###
4298 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4299 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4300--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4301+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4302 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4303 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4304 ### END LOGGING ###
4305@@ -12238,33 +12238,33 @@ COMMIT
4306 ### RULES ###
4307
4308 ### tuple ### limit udp 137,138 192.168.0.1 any 0.0.0.0/0 Samba - out_eth0
4309--A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
4310--A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4311+-A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
4312+-A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4313 -A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
4314
4315 ### tuple ### limit tcp 139,445 192.168.0.1 any 0.0.0.0/0 Samba - out_eth0
4316--A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
4317--A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4318+-A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
4319+-A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4320 -A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
4321
4322 ### tuple ### limit udp any 0.0.0.0/0 137,138 10.0.0.1 - Samba out_eth0
4323--A ufw-user-output -o eth0 -p udp -m multiport --sports 137,138 -s 10.0.0.1 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
4324--A ufw-user-output -o eth0 -p udp -m multiport --sports 137,138 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
4325+-A ufw-user-output -o eth0 -p udp -m multiport --sports 137,138 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
4326+-A ufw-user-output -o eth0 -p udp -m multiport --sports 137,138 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
4327 -A ufw-user-output -o eth0 -p udp -m multiport --sports 137,138 -s 10.0.0.1 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
4328
4329 ### tuple ### limit tcp any 0.0.0.0/0 139,445 10.0.0.1 - Samba out_eth0
4330--A ufw-user-output -o eth0 -p tcp -m multiport --sports 139,445 -s 10.0.0.1 -m state --state NEW -m recent --set -m comment --comment 'sapp_Samba'
4331--A ufw-user-output -o eth0 -p tcp -m multiport --sports 139,445 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
4332+-A ufw-user-output -o eth0 -p tcp -m multiport --sports 139,445 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'sapp_Samba'
4333+-A ufw-user-output -o eth0 -p tcp -m multiport --sports 139,445 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'sapp_Samba'
4334 -A ufw-user-output -o eth0 -p tcp -m multiport --sports 139,445 -s 10.0.0.1 -j ufw-user-limit-accept -m comment --comment 'sapp_Samba'
4335
4336 ### tuple ### limit udp 137,138 0.0.0.0/0 any 10.0.0.1 Samba - out_eth0
4337--A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
4338--A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4339+-A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
4340+-A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4341 -A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
4342
4343 ### tuple ### limit tcp 139,445 0.0.0.0/0 any 10.0.0.1 Samba - out_eth0
4344--A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
4345--A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4346+-A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
4347+-A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4348 -A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
4349
4350 ### END RULES ###
4351@@ -12272,7 +12272,7 @@ COMMIT
4352 ### LOGGING ###
4353 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4354 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4355--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4356+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4357 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4358 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4359 ### END LOGGING ###
4360@@ -12316,7 +12316,7 @@ COMMIT
4361 ### LOGGING ###
4362 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4363 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4364--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4365+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4366 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4367 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4368 ### END LOGGING ###
4369@@ -12378,7 +12378,7 @@ COMMIT
4370 ### LOGGING ###
4371 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4372 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4373--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4374+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4375 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4376 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4377 ### END LOGGING ###
4378@@ -12422,7 +12422,7 @@ COMMIT
4379 ### LOGGING ###
4380 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4381 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4382--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4383+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4384 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4385 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4386 ### END LOGGING ###
4387@@ -12482,7 +12482,7 @@ COMMIT
4388 ### LOGGING ###
4389 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4390 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4391--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4392+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4393 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4394 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4395 ### END LOGGING ###
4396@@ -12526,7 +12526,7 @@ COMMIT
4397 ### LOGGING ###
4398 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4399 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4400--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4401+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
4402 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4403 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4404 ### END LOGGING ###
4405diff --git a/tests/good/logging/result b/tests/good/logging/result
4406index 6714e12..4b23f9a 100644
4407--- a/tests/good/logging/result
4408+++ b/tests/good/logging/result
4409@@ -102,69 +102,69 @@ contents of user*.rules:
4410 ### RULES ###
4411
4412 ### tuple ### allow_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
4413--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4414+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4415 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
4416 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
4417 -A ufw-user-input -p tcp --dport 23 -j ACCEPT
4418--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4419+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4420 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
4421 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
4422 -A ufw-user-input -p udp --dport 23 -j ACCEPT
4423
4424 ### tuple ### allow_log tcp 25 0.0.0.0/0 any 0.0.0.0/0 in
4425--A ufw-user-logging-input -p tcp --dport 25 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4426+-A ufw-user-logging-input -p tcp --dport 25 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4427 -A ufw-user-logging-input -p tcp --dport 25 -j RETURN
4428 -A ufw-user-input -p tcp --dport 25 -j ufw-user-logging-input
4429 -A ufw-user-input -p tcp --dport 25 -j ACCEPT
4430
4431 ### tuple ### allow_log udp 69 0.0.0.0/0 any 0.0.0.0/0 in
4432--A ufw-user-logging-input -p udp --dport 69 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4433+-A ufw-user-logging-input -p udp --dport 69 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4434 -A ufw-user-logging-input -p udp --dport 69 -j RETURN
4435 -A ufw-user-input -p udp --dport 69 -j ufw-user-logging-input
4436 -A ufw-user-input -p udp --dport 69 -j ACCEPT
4437
4438 ### tuple ### allow_log any 443 0.0.0.0/0 any 0.0.0.0/0 in
4439--A ufw-user-logging-input -p tcp --dport 443 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4440+-A ufw-user-logging-input -p tcp --dport 443 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4441 -A ufw-user-logging-input -p tcp --dport 443 -j RETURN
4442 -A ufw-user-input -p tcp --dport 443 -j ufw-user-logging-input
4443 -A ufw-user-input -p tcp --dport 443 -j ACCEPT
4444--A ufw-user-logging-input -p udp --dport 443 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4445+-A ufw-user-logging-input -p udp --dport 443 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4446 -A ufw-user-logging-input -p udp --dport 443 -j RETURN
4447 -A ufw-user-input -p udp --dport 443 -j ufw-user-logging-input
4448 -A ufw-user-input -p udp --dport 443 -j ACCEPT
4449
4450 ### tuple ### allow_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
4451--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4452+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4453 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
4454 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
4455 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
4456
4457 ### tuple ### allow_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
4458--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4459+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4460 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
4461 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
4462 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
4463
4464 ### tuple ### allow_log tcp 80 0.0.0.0/0 any 0.0.0.0/0 Apache - in
4465--A ufw-user-logging-input -p tcp --dport 80 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4466+-A ufw-user-logging-input -p tcp --dport 80 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4467 -A ufw-user-logging-input -p tcp --dport 80 -j RETURN
4468 -A ufw-user-input -p tcp --dport 80 -j ufw-user-logging-input
4469 -A ufw-user-input -p tcp --dport 80 -j ACCEPT -m comment --comment 'dapp_Apache'
4470
4471 ### tuple ### allow_log tcp 25 10.0.0.1 25 192.168.0.1 in
4472--A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4473+-A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4474 -A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j RETURN
4475 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j ufw-user-logging-input
4476 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j ACCEPT
4477
4478 ### tuple ### allow_log udp 137,138 10.0.0.1 137,138 192.168.0.1 Samba Samba in
4479--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4480+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4481 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j RETURN
4482 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-logging-input
4483 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j ACCEPT -m comment --comment 'dapp_Samba,sapp_Samba'
4484
4485 ### tuple ### allow_log tcp 139,445 10.0.0.1 139,445 192.168.0.1 Samba Samba in
4486--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4487+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
4488 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j RETURN
4489 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-logging-input
4490 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j ACCEPT -m comment --comment 'dapp_Samba,sapp_Samba'
4491@@ -175,12 +175,12 @@ contents of user*.rules:
4492 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4493 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4494 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4495--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4496+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4497 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4498 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4499--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4500--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4501--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4502+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4503+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4504+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4505 ### END LOGGING ###
4506
4507 ### RATE LIMITING ###
4508@@ -245,12 +245,12 @@ contents of user*.rules:
4509 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4510 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4511 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4512--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4513+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4514 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4515 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4516--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4517--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4518--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4519+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4520+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4521+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4522 ### END LOGGING ###
4523
4524 ### RATE LIMITING ###
4525@@ -383,12 +383,12 @@ contents of user*.rules:
4526 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4527 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4528 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4529--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4530+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4531 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4532 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4533--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4534--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4535--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4536+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4537+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4538+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4539 ### END LOGGING ###
4540
4541 ### RATE LIMITING ###
4542@@ -453,12 +453,12 @@ contents of user*.rules:
4543 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4544 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4545 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4546--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4547+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4548 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4549 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4550--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4551--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4552--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4553+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4554+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4555+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4556 ### END LOGGING ###
4557
4558 ### RATE LIMITING ###
4559@@ -518,69 +518,69 @@ contents of user*.rules:
4560 ### RULES ###
4561
4562 ### tuple ### deny_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
4563--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4564+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4565 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
4566 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
4567 -A ufw-user-input -p tcp --dport 23 -j DROP
4568--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4569+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4570 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
4571 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
4572 -A ufw-user-input -p udp --dport 23 -j DROP
4573
4574 ### tuple ### deny_log tcp 25 0.0.0.0/0 any 0.0.0.0/0 in
4575--A ufw-user-logging-input -p tcp --dport 25 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4576+-A ufw-user-logging-input -p tcp --dport 25 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4577 -A ufw-user-logging-input -p tcp --dport 25 -j RETURN
4578 -A ufw-user-input -p tcp --dport 25 -j ufw-user-logging-input
4579 -A ufw-user-input -p tcp --dport 25 -j DROP
4580
4581 ### tuple ### deny_log udp 69 0.0.0.0/0 any 0.0.0.0/0 in
4582--A ufw-user-logging-input -p udp --dport 69 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4583+-A ufw-user-logging-input -p udp --dport 69 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4584 -A ufw-user-logging-input -p udp --dport 69 -j RETURN
4585 -A ufw-user-input -p udp --dport 69 -j ufw-user-logging-input
4586 -A ufw-user-input -p udp --dport 69 -j DROP
4587
4588 ### tuple ### deny_log any 443 0.0.0.0/0 any 0.0.0.0/0 in
4589--A ufw-user-logging-input -p tcp --dport 443 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4590+-A ufw-user-logging-input -p tcp --dport 443 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4591 -A ufw-user-logging-input -p tcp --dport 443 -j RETURN
4592 -A ufw-user-input -p tcp --dport 443 -j ufw-user-logging-input
4593 -A ufw-user-input -p tcp --dport 443 -j DROP
4594--A ufw-user-logging-input -p udp --dport 443 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4595+-A ufw-user-logging-input -p udp --dport 443 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4596 -A ufw-user-logging-input -p udp --dport 443 -j RETURN
4597 -A ufw-user-input -p udp --dport 443 -j ufw-user-logging-input
4598 -A ufw-user-input -p udp --dport 443 -j DROP
4599
4600 ### tuple ### deny_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
4601--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4602+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4603 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
4604 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
4605 -A ufw-user-input -p udp -m multiport --dports 137,138 -j DROP -m comment --comment 'dapp_Samba'
4606
4607 ### tuple ### deny_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
4608--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4609+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4610 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
4611 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
4612 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j DROP -m comment --comment 'dapp_Samba'
4613
4614 ### tuple ### deny_log tcp 80 0.0.0.0/0 any 0.0.0.0/0 Apache - in
4615--A ufw-user-logging-input -p tcp --dport 80 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4616+-A ufw-user-logging-input -p tcp --dport 80 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4617 -A ufw-user-logging-input -p tcp --dport 80 -j RETURN
4618 -A ufw-user-input -p tcp --dport 80 -j ufw-user-logging-input
4619 -A ufw-user-input -p tcp --dport 80 -j DROP -m comment --comment 'dapp_Apache'
4620
4621 ### tuple ### deny_log tcp 25 10.0.0.1 25 192.168.0.1 in
4622--A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4623+-A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4624 -A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j RETURN
4625 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j ufw-user-logging-input
4626 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j DROP
4627
4628 ### tuple ### deny_log udp 137,138 10.0.0.1 137,138 192.168.0.1 Samba Samba in
4629--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4630+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4631 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j RETURN
4632 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-logging-input
4633 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j DROP -m comment --comment 'dapp_Samba,sapp_Samba'
4634
4635 ### tuple ### deny_log tcp 139,445 10.0.0.1 139,445 192.168.0.1 Samba Samba in
4636--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4637+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
4638 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j RETURN
4639 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-logging-input
4640 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j DROP -m comment --comment 'dapp_Samba,sapp_Samba'
4641@@ -591,12 +591,12 @@ contents of user*.rules:
4642 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4643 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4644 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4645--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4646+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4647 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4648 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4649--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4650--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4651--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4652+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4653+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4654+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4655 ### END LOGGING ###
4656
4657 ### RATE LIMITING ###
4658@@ -661,12 +661,12 @@ contents of user*.rules:
4659 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4660 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4661 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4662--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4663+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4664 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4665 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4666--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4667--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4668--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4669+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4670+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4671+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4672 ### END LOGGING ###
4673
4674 ### RATE LIMITING ###
4675@@ -799,12 +799,12 @@ contents of user*.rules:
4676 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4677 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4678 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4679--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4680+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4681 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4682 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4683--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4684--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4685--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4686+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4687+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4688+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4689 ### END LOGGING ###
4690
4691 ### RATE LIMITING ###
4692@@ -869,12 +869,12 @@ contents of user*.rules:
4693 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4694 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4695 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4696--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4697+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4698 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4699 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4700--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4701--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4702--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4703+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4704+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4705+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4706 ### END LOGGING ###
4707
4708 ### RATE LIMITING ###
4709@@ -934,95 +934,95 @@ contents of user*.rules:
4710 ### RULES ###
4711
4712 ### tuple ### limit_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
4713--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4714+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4715 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
4716 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
4717--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --set
4718--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4719+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --set
4720+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4721 -A ufw-user-input -p tcp --dport 23 -j ufw-user-limit-accept
4722--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4723+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4724 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
4725 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
4726--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --set
4727--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4728+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --set
4729+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4730 -A ufw-user-input -p udp --dport 23 -j ufw-user-limit-accept
4731
4732 ### tuple ### limit_log tcp 25 0.0.0.0/0 any 0.0.0.0/0 in
4733--A ufw-user-logging-input -p tcp --dport 25 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4734+-A ufw-user-logging-input -p tcp --dport 25 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4735 -A ufw-user-logging-input -p tcp --dport 25 -j RETURN
4736 -A ufw-user-input -p tcp --dport 25 -j ufw-user-logging-input
4737--A ufw-user-input -p tcp --dport 25 -m state --state NEW -m recent --set
4738--A ufw-user-input -p tcp --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4739+-A ufw-user-input -p tcp --dport 25 -m conntrack --ctstate NEW -m recent --set
4740+-A ufw-user-input -p tcp --dport 25 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4741 -A ufw-user-input -p tcp --dport 25 -j ufw-user-limit-accept
4742
4743 ### tuple ### limit_log udp 69 0.0.0.0/0 any 0.0.0.0/0 in
4744--A ufw-user-logging-input -p udp --dport 69 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4745+-A ufw-user-logging-input -p udp --dport 69 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4746 -A ufw-user-logging-input -p udp --dport 69 -j RETURN
4747 -A ufw-user-input -p udp --dport 69 -j ufw-user-logging-input
4748--A ufw-user-input -p udp --dport 69 -m state --state NEW -m recent --set
4749--A ufw-user-input -p udp --dport 69 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4750+-A ufw-user-input -p udp --dport 69 -m conntrack --ctstate NEW -m recent --set
4751+-A ufw-user-input -p udp --dport 69 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4752 -A ufw-user-input -p udp --dport 69 -j ufw-user-limit-accept
4753
4754 ### tuple ### limit_log any 443 0.0.0.0/0 any 0.0.0.0/0 in
4755--A ufw-user-logging-input -p tcp --dport 443 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4756+-A ufw-user-logging-input -p tcp --dport 443 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4757 -A ufw-user-logging-input -p tcp --dport 443 -j RETURN
4758 -A ufw-user-input -p tcp --dport 443 -j ufw-user-logging-input
4759--A ufw-user-input -p tcp --dport 443 -m state --state NEW -m recent --set
4760--A ufw-user-input -p tcp --dport 443 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4761+-A ufw-user-input -p tcp --dport 443 -m conntrack --ctstate NEW -m recent --set
4762+-A ufw-user-input -p tcp --dport 443 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4763 -A ufw-user-input -p tcp --dport 443 -j ufw-user-limit-accept
4764--A ufw-user-logging-input -p udp --dport 443 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4765+-A ufw-user-logging-input -p udp --dport 443 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4766 -A ufw-user-logging-input -p udp --dport 443 -j RETURN
4767 -A ufw-user-input -p udp --dport 443 -j ufw-user-logging-input
4768--A ufw-user-input -p udp --dport 443 -m state --state NEW -m recent --set
4769--A ufw-user-input -p udp --dport 443 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4770+-A ufw-user-input -p udp --dport 443 -m conntrack --ctstate NEW -m recent --set
4771+-A ufw-user-input -p udp --dport 443 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4772 -A ufw-user-input -p udp --dport 443 -j ufw-user-limit-accept
4773
4774 ### tuple ### limit_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
4775--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4776+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4777 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
4778 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
4779--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
4780--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4781+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
4782+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4783 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
4784
4785 ### tuple ### limit_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
4786--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4787+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4788 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
4789 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
4790--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
4791--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4792+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
4793+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4794 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
4795
4796 ### tuple ### limit_log tcp 80 0.0.0.0/0 any 0.0.0.0/0 Apache - in
4797--A ufw-user-logging-input -p tcp --dport 80 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4798+-A ufw-user-logging-input -p tcp --dport 80 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4799 -A ufw-user-logging-input -p tcp --dport 80 -j RETURN
4800 -A ufw-user-input -p tcp --dport 80 -j ufw-user-logging-input
4801--A ufw-user-input -p tcp --dport 80 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache'
4802--A ufw-user-input -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
4803+-A ufw-user-input -p tcp --dport 80 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache'
4804+-A ufw-user-input -p tcp --dport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
4805 -A ufw-user-input -p tcp --dport 80 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache'
4806
4807 ### tuple ### limit_log tcp 25 10.0.0.1 25 192.168.0.1 in
4808--A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4809+-A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4810 -A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j RETURN
4811 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j ufw-user-logging-input
4812--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m state --state NEW -m recent --set
4813--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4814+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m conntrack --ctstate NEW -m recent --set
4815+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4816 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j ufw-user-limit-accept
4817
4818 ### tuple ### limit_log udp 137,138 10.0.0.1 137,138 192.168.0.1 Samba Samba in
4819--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4820+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4821 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j RETURN
4822 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-logging-input
4823--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
4824--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
4825+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
4826+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
4827 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Samba'
4828
4829 ### tuple ### limit_log tcp 139,445 10.0.0.1 139,445 192.168.0.1 Samba Samba in
4830--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4831+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4832 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j RETURN
4833 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-logging-input
4834--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
4835--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
4836+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
4837+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
4838 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Samba'
4839
4840 ### END RULES ###
4841@@ -1031,12 +1031,12 @@ contents of user*.rules:
4842 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4843 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4844 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4845--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4846+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4847 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4848 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4849--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4850--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4851--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4852+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4853+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4854+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4855 ### END LOGGING ###
4856
4857 ### RATE LIMITING ###
4858@@ -1101,12 +1101,12 @@ contents of user*.rules:
4859 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4860 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4861 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4862--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4863+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4864 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4865 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4866--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4867--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4868--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
4869+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4870+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4871+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
4872 ### END LOGGING ###
4873
4874 ### RATE LIMITING ###
4875@@ -1169,92 +1169,92 @@ contents of user*.rules:
4876 -A ufw-user-logging-input -p tcp --dport 23 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4877 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
4878 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
4879--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --set
4880--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4881+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --set
4882+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4883 -A ufw-user-input -p tcp --dport 23 -j ufw-user-limit-accept
4884 -A ufw-user-logging-input -p udp --dport 23 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4885 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
4886 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
4887--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --set
4888--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4889+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --set
4890+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4891 -A ufw-user-input -p udp --dport 23 -j ufw-user-limit-accept
4892
4893 ### tuple ### limit_log-all tcp 25 0.0.0.0/0 any 0.0.0.0/0 in
4894 -A ufw-user-logging-input -p tcp --dport 25 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4895 -A ufw-user-logging-input -p tcp --dport 25 -j RETURN
4896 -A ufw-user-input -p tcp --dport 25 -j ufw-user-logging-input
4897--A ufw-user-input -p tcp --dport 25 -m state --state NEW -m recent --set
4898--A ufw-user-input -p tcp --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4899+-A ufw-user-input -p tcp --dport 25 -m conntrack --ctstate NEW -m recent --set
4900+-A ufw-user-input -p tcp --dport 25 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4901 -A ufw-user-input -p tcp --dport 25 -j ufw-user-limit-accept
4902
4903 ### tuple ### limit_log-all udp 69 0.0.0.0/0 any 0.0.0.0/0 in
4904 -A ufw-user-logging-input -p udp --dport 69 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4905 -A ufw-user-logging-input -p udp --dport 69 -j RETURN
4906 -A ufw-user-input -p udp --dport 69 -j ufw-user-logging-input
4907--A ufw-user-input -p udp --dport 69 -m state --state NEW -m recent --set
4908--A ufw-user-input -p udp --dport 69 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4909+-A ufw-user-input -p udp --dport 69 -m conntrack --ctstate NEW -m recent --set
4910+-A ufw-user-input -p udp --dport 69 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4911 -A ufw-user-input -p udp --dport 69 -j ufw-user-limit-accept
4912
4913 ### tuple ### limit_log-all any 443 0.0.0.0/0 any 0.0.0.0/0 in
4914 -A ufw-user-logging-input -p tcp --dport 443 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4915 -A ufw-user-logging-input -p tcp --dport 443 -j RETURN
4916 -A ufw-user-input -p tcp --dport 443 -j ufw-user-logging-input
4917--A ufw-user-input -p tcp --dport 443 -m state --state NEW -m recent --set
4918--A ufw-user-input -p tcp --dport 443 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4919+-A ufw-user-input -p tcp --dport 443 -m conntrack --ctstate NEW -m recent --set
4920+-A ufw-user-input -p tcp --dport 443 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4921 -A ufw-user-input -p tcp --dport 443 -j ufw-user-limit-accept
4922 -A ufw-user-logging-input -p udp --dport 443 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4923 -A ufw-user-logging-input -p udp --dport 443 -j RETURN
4924 -A ufw-user-input -p udp --dport 443 -j ufw-user-logging-input
4925--A ufw-user-input -p udp --dport 443 -m state --state NEW -m recent --set
4926--A ufw-user-input -p udp --dport 443 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4927+-A ufw-user-input -p udp --dport 443 -m conntrack --ctstate NEW -m recent --set
4928+-A ufw-user-input -p udp --dport 443 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4929 -A ufw-user-input -p udp --dport 443 -j ufw-user-limit-accept
4930
4931 ### tuple ### limit_log-all udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
4932 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4933 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
4934 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
4935--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
4936--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4937+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
4938+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4939 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
4940
4941 ### tuple ### limit_log-all tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
4942 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4943 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
4944 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
4945--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
4946--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4947+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
4948+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
4949 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
4950
4951 ### tuple ### limit_log-all tcp 80 0.0.0.0/0 any 0.0.0.0/0 Apache - in
4952 -A ufw-user-logging-input -p tcp --dport 80 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4953 -A ufw-user-logging-input -p tcp --dport 80 -j RETURN
4954 -A ufw-user-input -p tcp --dport 80 -j ufw-user-logging-input
4955--A ufw-user-input -p tcp --dport 80 -m state --state NEW -m recent --set -m comment --comment 'dapp_Apache'
4956--A ufw-user-input -p tcp --dport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
4957+-A ufw-user-input -p tcp --dport 80 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Apache'
4958+-A ufw-user-input -p tcp --dport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Apache'
4959 -A ufw-user-input -p tcp --dport 80 -j ufw-user-limit-accept -m comment --comment 'dapp_Apache'
4960
4961 ### tuple ### limit_log-all tcp 25 10.0.0.1 25 192.168.0.1 in
4962 -A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4963 -A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j RETURN
4964 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j ufw-user-logging-input
4965--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m state --state NEW -m recent --set
4966--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4967+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m conntrack --ctstate NEW -m recent --set
4968+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
4969 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j ufw-user-limit-accept
4970
4971 ### tuple ### limit_log-all udp 137,138 10.0.0.1 137,138 192.168.0.1 Samba Samba in
4972 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4973 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j RETURN
4974 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-logging-input
4975--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
4976--A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
4977+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
4978+-A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
4979 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Samba'
4980
4981 ### tuple ### limit_log-all tcp 139,445 10.0.0.1 139,445 192.168.0.1 Samba Samba in
4982 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
4983 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j RETURN
4984 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-logging-input
4985--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
4986--A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
4987+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba,sapp_Samba'
4988+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba,sapp_Samba'
4989 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba,sapp_Samba'
4990
4991 ### END RULES ###
4992@@ -1263,12 +1263,12 @@ contents of user*.rules:
4993 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4994 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
4995 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4996--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4997+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
4998 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
4999 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5000--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5001--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5002--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5003+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5004+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5005+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5006 ### END LOGGING ###
5007
5008 ### RATE LIMITING ###
5009@@ -1333,12 +1333,12 @@ contents of user*.rules:
5010 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5011 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5012 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5013--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5014+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5015 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5016 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5017--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5018--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5019--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5020+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5021+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5022+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5023 ### END LOGGING ###
5024
5025 ### RATE LIMITING ###
5026@@ -1398,69 +1398,69 @@ contents of user*.rules:
5027 ### RULES ###
5028
5029 ### tuple ### reject_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
5030--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5031+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5032 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
5033 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
5034 -A ufw-user-input -p tcp --dport 23 -j REJECT --reject-with tcp-reset
5035--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5036+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5037 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
5038 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
5039 -A ufw-user-input -p udp --dport 23 -j REJECT
5040
5041 ### tuple ### reject_log tcp 25 0.0.0.0/0 any 0.0.0.0/0 in
5042--A ufw-user-logging-input -p tcp --dport 25 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5043+-A ufw-user-logging-input -p tcp --dport 25 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5044 -A ufw-user-logging-input -p tcp --dport 25 -j RETURN
5045 -A ufw-user-input -p tcp --dport 25 -j ufw-user-logging-input
5046 -A ufw-user-input -p tcp --dport 25 -j REJECT --reject-with tcp-reset
5047
5048 ### tuple ### reject_log udp 69 0.0.0.0/0 any 0.0.0.0/0 in
5049--A ufw-user-logging-input -p udp --dport 69 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5050+-A ufw-user-logging-input -p udp --dport 69 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5051 -A ufw-user-logging-input -p udp --dport 69 -j RETURN
5052 -A ufw-user-input -p udp --dport 69 -j ufw-user-logging-input
5053 -A ufw-user-input -p udp --dport 69 -j REJECT
5054
5055 ### tuple ### reject_log any 443 0.0.0.0/0 any 0.0.0.0/0 in
5056--A ufw-user-logging-input -p tcp --dport 443 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5057+-A ufw-user-logging-input -p tcp --dport 443 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5058 -A ufw-user-logging-input -p tcp --dport 443 -j RETURN
5059 -A ufw-user-input -p tcp --dport 443 -j ufw-user-logging-input
5060 -A ufw-user-input -p tcp --dport 443 -j REJECT --reject-with tcp-reset
5061--A ufw-user-logging-input -p udp --dport 443 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5062+-A ufw-user-logging-input -p udp --dport 443 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5063 -A ufw-user-logging-input -p udp --dport 443 -j RETURN
5064 -A ufw-user-input -p udp --dport 443 -j ufw-user-logging-input
5065 -A ufw-user-input -p udp --dport 443 -j REJECT
5066
5067 ### tuple ### reject_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
5068--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5069+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5070 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
5071 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
5072 -A ufw-user-input -p udp -m multiport --dports 137,138 -j REJECT -m comment --comment 'dapp_Samba'
5073
5074 ### tuple ### reject_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
5075--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5076+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5077 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
5078 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
5079 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j REJECT --reject-with tcp-reset -m comment --comment 'dapp_Samba'
5080
5081 ### tuple ### reject_log tcp 80 0.0.0.0/0 any 0.0.0.0/0 Apache - in
5082--A ufw-user-logging-input -p tcp --dport 80 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5083+-A ufw-user-logging-input -p tcp --dport 80 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5084 -A ufw-user-logging-input -p tcp --dport 80 -j RETURN
5085 -A ufw-user-input -p tcp --dport 80 -j ufw-user-logging-input
5086 -A ufw-user-input -p tcp --dport 80 -j REJECT --reject-with tcp-reset -m comment --comment 'dapp_Apache'
5087
5088 ### tuple ### reject_log tcp 25 10.0.0.1 25 192.168.0.1 in
5089--A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5090+-A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5091 -A ufw-user-logging-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j RETURN
5092 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j ufw-user-logging-input
5093 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 25 -j REJECT --reject-with tcp-reset
5094
5095 ### tuple ### reject_log udp 137,138 10.0.0.1 137,138 192.168.0.1 Samba Samba in
5096--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5097+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5098 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j RETURN
5099 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-logging-input
5100 -A ufw-user-input -p udp -m multiport --dports 137,138 -m multiport --sports 137,138 -d 10.0.0.1 -s 192.168.0.1 -j REJECT -m comment --comment 'dapp_Samba,sapp_Samba'
5101
5102 ### tuple ### reject_log tcp 139,445 10.0.0.1 139,445 192.168.0.1 Samba Samba in
5103--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5104+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
5105 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j RETURN
5106 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-logging-input
5107 -A ufw-user-input -p tcp -m multiport --dports 139,445 -m multiport --sports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j REJECT --reject-with tcp-reset -m comment --comment 'dapp_Samba,sapp_Samba'
5108@@ -1471,12 +1471,12 @@ contents of user*.rules:
5109 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5110 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5111 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5112--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5113+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5114 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5115 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5116--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5117--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5118--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5119+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5120+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5121+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5122 ### END LOGGING ###
5123
5124 ### RATE LIMITING ###
5125@@ -1541,12 +1541,12 @@ contents of user*.rules:
5126 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5127 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5128 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5129--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5130+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5131 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5132 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5133--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5134--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5135--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5136+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5137+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5138+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5139 ### END LOGGING ###
5140
5141 ### RATE LIMITING ###
5142@@ -1679,12 +1679,12 @@ contents of user*.rules:
5143 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5144 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5145 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5146--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5147+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5148 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5149 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5150--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5151--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5152--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5153+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5154+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5155+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5156 ### END LOGGING ###
5157
5158 ### RATE LIMITING ###
5159@@ -1749,12 +1749,12 @@ contents of user*.rules:
5160 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5161 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5162 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5163--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5164+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5165 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5166 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5167--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5168--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5169--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5170+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5171+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5172+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5173 ### END LOGGING ###
5174
5175 ### RATE LIMITING ###
5176@@ -1797,13 +1797,13 @@ contents of user*.rules:
5177 ### RULES ###
5178
5179 ### tuple ### allow_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
5180--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
5181+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
5182 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
5183 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
5184 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
5185
5186 ### tuple ### allow_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
5187--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
5188+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
5189 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
5190 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
5191 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
5192@@ -1820,12 +1820,12 @@ contents of user*.rules:
5193 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5194 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5195 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5196--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5197+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5198 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5199 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5200--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5201--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5202--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5203+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5204+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5205+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5206 ### END LOGGING ###
5207
5208 ### RATE LIMITING ###
5209@@ -1867,19 +1867,19 @@ contents of user*.rules:
5210 ### RULES ###
5211
5212 ### tuple ### limit_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
5213--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
5214+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
5215 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
5216 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
5217--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
5218--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
5219+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
5220+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
5221 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
5222
5223 ### tuple ### limit_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
5224--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
5225+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
5226 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
5227 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
5228--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
5229--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
5230+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
5231+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
5232 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
5233
5234 ### tuple ### reject_log-all tcp 23 10.0.0.1 any 192.168.0.1 in
5235@@ -1894,12 +1894,12 @@ contents of user*.rules:
5236 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5237 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5238 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5239--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5240+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5241 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5242 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5243--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5244--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5245--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5246+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5247+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5248+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5249 ### END LOGGING ###
5250
5251 ### RATE LIMITING ###
5252@@ -1946,12 +1946,12 @@ contents of user*.rules:
5253 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5254 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5255 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5256--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5257+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5258 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5259 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5260--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5261--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5262--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5263+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5264+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5265+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5266 ### END LOGGING ###
5267
5268 ### RATE LIMITING ###
5269@@ -2006,13 +2006,13 @@ contents of user*.rules:
5270 ### RULES ###
5271
5272 ### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 in_eth0
5273--A ufw-user-logging-input -i eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
5274+-A ufw-user-logging-input -i eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
5275 -A ufw-user-logging-input -i eth0 -j RETURN
5276 -A ufw-user-input -i eth0 -j ufw-user-logging-input
5277 -A ufw-user-input -i eth0 -j ACCEPT
5278
5279 ### tuple ### allow_log tcp 24 10.0.0.1 any 192.168.0.1 in_eth0
5280--A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
5281+-A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
5282 -A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j RETURN
5283 -A ufw-user-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j ufw-user-logging-input
5284 -A ufw-user-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j ACCEPT
5285@@ -2024,13 +2024,13 @@ contents of user*.rules:
5286 -A ufw-user-input -i eth0 -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -j DROP
5287
5288 ### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 out_eth0
5289--A ufw-user-logging-output -o eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
5290+-A ufw-user-logging-output -o eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
5291 -A ufw-user-logging-output -o eth0 -j RETURN
5292 -A ufw-user-output -o eth0 -j ufw-user-logging-output
5293 -A ufw-user-output -o eth0 -j ACCEPT
5294
5295 ### tuple ### allow_log tcp 24 10.0.0.1 any 192.168.0.1 out_eth0
5296--A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
5297+-A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
5298 -A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j RETURN
5299 -A ufw-user-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j ufw-user-logging-output
5300 -A ufw-user-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j ACCEPT
5301@@ -2047,12 +2047,12 @@ contents of user*.rules:
5302 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5303 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5304 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5305--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5306+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5307 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5308 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5309--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5310--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5311--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5312+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5313+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5314+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5315 ### END LOGGING ###
5316
5317 ### RATE LIMITING ###
5318@@ -2163,7 +2163,7 @@ WARN: Checks disabled
5319 ### LOGGING ###
5320 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5321 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5322--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5323+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5324 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5325 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5326 ### END LOGGING ###
5327@@ -2211,12 +2211,12 @@ WARN: Checks disabled
5328 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5329 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5330 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5331--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5332+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] " -m limit --limit 3/min --limit-burst 10
5333 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5334 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5335--I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5336--I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5337--I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m state --state NEW -m limit --limit 3/min --limit-burst 10
5338+-I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5339+-I ufw-before-logging-output -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5340+-I ufw-before-logging-forward -j LOG --log-prefix "[UFW AUDIT] " -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10
5341 ### END LOGGING ###
5342
5343 ### RATE LIMITING ###
5344@@ -2262,7 +2262,7 @@ WARN: Checks disabled
5345 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] "
5346 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] "
5347 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] "
5348--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] "
5349+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] "
5350 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] "
5351 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] "
5352 -I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] " -m limit --limit 3/min --limit-burst 10
5353@@ -2313,7 +2313,7 @@ WARN: Checks disabled
5354 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] "
5355 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] "
5356 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] "
5357--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] "
5358+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] "
5359 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] "
5360 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] "
5361 -I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] "
5362@@ -2364,7 +2364,7 @@ WARN: Checks disabled
5363 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] "
5364 -A ufw-after-logging-output -j LOG --log-prefix "[UFW ALLOW] "
5365 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] "
5366--A ufw-logging-deny -m state --state INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] "
5367+-A ufw-logging-deny -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW AUDIT INVALID] "
5368 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] "
5369 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] "
5370 -I ufw-before-logging-input -j LOG --log-prefix "[UFW AUDIT] "
5371diff --git a/tests/good/rules/result b/tests/good/rules/result
5372index 7c1570a..e4b918c 100644
5373--- a/tests/good/rules/result
5374+++ b/tests/good/rules/result
5375@@ -29,7 +29,7 @@ WARN: Checks disabled
5376 ### LOGGING ###
5377 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5378 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5379--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5380+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5381 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5382 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5383 ### END LOGGING ###
5384@@ -72,7 +72,7 @@ WARN: Checks disabled
5385 ### LOGGING ###
5386 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5387 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5388--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5389+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5390 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5391 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5392 ### END LOGGING ###
5393@@ -115,7 +115,7 @@ WARN: Checks disabled
5394 ### LOGGING ###
5395 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5396 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5397--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5398+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5399 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5400 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5401 ### END LOGGING ###
5402@@ -158,7 +158,7 @@ WARN: Checks disabled
5403 ### LOGGING ###
5404 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5405 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5406--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5407+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5408 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5409 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5410 ### END LOGGING ###
5411@@ -201,7 +201,7 @@ WARN: Checks disabled
5412 ### LOGGING ###
5413 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5414 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5415--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5416+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5417 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5418 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5419 ### END LOGGING ###
5420@@ -244,7 +244,7 @@ WARN: Checks disabled
5421 ### LOGGING ###
5422 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5423 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5424--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5425+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5426 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5427 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5428 ### END LOGGING ###
5429@@ -284,7 +284,7 @@ WARN: Checks disabled
5430 ### LOGGING ###
5431 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5432 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5433--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5434+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5435 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5436 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5437 ### END LOGGING ###
5438@@ -320,8 +320,8 @@ WARN: Checks disabled
5439 ### RULES ###
5440
5441 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
5442--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
5443--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
5444+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
5445+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
5446 -A ufw-user-input -p tcp --dport 22 -j ufw-user-limit-accept
5447
5448 ### END RULES ###
5449@@ -329,7 +329,7 @@ WARN: Checks disabled
5450 ### LOGGING ###
5451 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5452 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5453--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5454+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5455 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5456 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5457 ### END LOGGING ###
5458@@ -373,7 +373,7 @@ WARN: Checks disabled
5459 ### LOGGING ###
5460 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5461 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5462--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5463+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5464 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5465 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5466 ### END LOGGING ###
5467@@ -416,7 +416,7 @@ WARN: Checks disabled
5468 ### LOGGING ###
5469 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5470 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5471--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5472+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5473 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5474 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5475 ### END LOGGING ###
5476@@ -459,7 +459,7 @@ WARN: Checks disabled
5477 ### LOGGING ###
5478 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5479 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5480--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5481+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5482 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5483 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5484 ### END LOGGING ###
5485@@ -502,7 +502,7 @@ WARN: Checks disabled
5486 ### LOGGING ###
5487 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5488 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5489--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5490+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5491 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5492 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5493 ### END LOGGING ###
5494@@ -545,7 +545,7 @@ WARN: Checks disabled
5495 ### LOGGING ###
5496 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5497 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5498--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5499+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5500 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5501 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5502 ### END LOGGING ###
5503@@ -588,7 +588,7 @@ WARN: Checks disabled
5504 ### LOGGING ###
5505 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5506 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5507--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5508+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5509 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5510 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5511 ### END LOGGING ###
5512@@ -631,7 +631,7 @@ WARN: Checks disabled
5513 ### LOGGING ###
5514 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5515 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5516--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5517+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5518 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5519 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5520 ### END LOGGING ###
5521@@ -676,7 +676,7 @@ WARN: Checks disabled
5522 ### LOGGING ###
5523 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5524 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5525--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5526+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5527 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5528 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5529 ### END LOGGING ###
5530@@ -719,7 +719,7 @@ WARN: Checks disabled
5531 ### LOGGING ###
5532 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5533 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5534--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5535+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5536 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5537 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5538 ### END LOGGING ###
5539@@ -763,7 +763,7 @@ WARN: Checks disabled
5540 ### LOGGING ###
5541 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5542 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5543--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5544+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5545 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5546 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5547 ### END LOGGING ###
5548@@ -806,7 +806,7 @@ WARN: Checks disabled
5549 ### LOGGING ###
5550 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5551 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5552--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5553+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5554 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5555 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5556 ### END LOGGING ###
5557@@ -849,7 +849,7 @@ WARN: Checks disabled
5558 ### LOGGING ###
5559 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5560 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5561--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5562+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5563 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5564 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5565 ### END LOGGING ###
5566@@ -889,7 +889,7 @@ WARN: Checks disabled
5567 ### LOGGING ###
5568 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5569 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5570--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5571+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5572 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5573 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5574 ### END LOGGING ###
5575@@ -929,7 +929,7 @@ WARN: Checks disabled
5576 ### LOGGING ###
5577 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5578 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5579--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5580+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5581 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5582 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5583 ### END LOGGING ###
5584@@ -969,7 +969,7 @@ WARN: Checks disabled
5585 ### LOGGING ###
5586 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5587 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5588--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5589+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5590 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5591 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5592 ### END LOGGING ###
5593@@ -1012,7 +1012,7 @@ WARN: Checks disabled
5594 ### LOGGING ###
5595 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5596 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5597--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5598+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5599 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5600 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5601 ### END LOGGING ###
5602@@ -1052,7 +1052,7 @@ WARN: Checks disabled
5603 ### LOGGING ###
5604 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5605 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5606--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5607+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5608 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5609 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5610 ### END LOGGING ###
5611@@ -1095,7 +1095,7 @@ WARN: Checks disabled
5612 ### LOGGING ###
5613 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5614 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5615--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5616+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5617 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5618 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5619 ### END LOGGING ###
5620@@ -1135,7 +1135,7 @@ WARN: Checks disabled
5621 ### LOGGING ###
5622 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5623 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5624--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5625+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5626 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5627 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5628 ### END LOGGING ###
5629@@ -1178,7 +1178,7 @@ WARN: Checks disabled
5630 ### LOGGING ###
5631 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5632 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5633--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5634+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5635 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5636 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5637 ### END LOGGING ###
5638@@ -1218,7 +1218,7 @@ WARN: Checks disabled
5639 ### LOGGING ###
5640 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5641 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5642--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5643+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5644 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5645 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5646 ### END LOGGING ###
5647@@ -1261,7 +1261,7 @@ WARN: Checks disabled
5648 ### LOGGING ###
5649 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5650 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5651--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5652+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5653 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5654 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5655 ### END LOGGING ###
5656@@ -1301,7 +1301,7 @@ WARN: Checks disabled
5657 ### LOGGING ###
5658 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5659 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5660--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5661+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5662 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5663 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5664 ### END LOGGING ###
5665@@ -1345,7 +1345,7 @@ WARN: Checks disabled
5666 ### LOGGING ###
5667 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5668 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5669--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5670+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5671 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5672 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5673 ### END LOGGING ###
5674@@ -1385,7 +1385,7 @@ WARN: Checks disabled
5675 ### LOGGING ###
5676 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5677 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5678--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5679+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5680 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5681 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5682 ### END LOGGING ###
5683@@ -1428,7 +1428,7 @@ WARN: Checks disabled
5684 ### LOGGING ###
5685 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5686 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5687--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5688+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5689 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5690 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5691 ### END LOGGING ###
5692@@ -1468,7 +1468,7 @@ WARN: Checks disabled
5693 ### LOGGING ###
5694 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5695 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5696--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5697+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5698 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5699 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5700 ### END LOGGING ###
5701@@ -1511,7 +1511,7 @@ WARN: Checks disabled
5702 ### LOGGING ###
5703 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5704 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5705--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5706+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5707 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5708 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5709 ### END LOGGING ###
5710@@ -1551,7 +1551,7 @@ WARN: Checks disabled
5711 ### LOGGING ###
5712 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5713 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5714--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5715+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5716 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5717 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5718 ### END LOGGING ###
5719@@ -1595,7 +1595,7 @@ WARN: Checks disabled
5720 ### LOGGING ###
5721 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5722 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5723--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5724+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5725 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5726 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5727 ### END LOGGING ###
5728@@ -1635,7 +1635,7 @@ WARN: Checks disabled
5729 ### LOGGING ###
5730 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5731 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5732--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5733+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5734 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5735 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5736 ### END LOGGING ###
5737@@ -1678,7 +1678,7 @@ WARN: Checks disabled
5738 ### LOGGING ###
5739 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5740 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5741--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5742+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5743 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5744 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5745 ### END LOGGING ###
5746@@ -1718,7 +1718,7 @@ WARN: Checks disabled
5747 ### LOGGING ###
5748 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5749 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5750--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5751+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5752 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5753 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5754 ### END LOGGING ###
5755@@ -1761,7 +1761,7 @@ WARN: Checks disabled
5756 ### LOGGING ###
5757 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5758 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5759--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5760+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5761 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5762 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5763 ### END LOGGING ###
5764@@ -1801,7 +1801,7 @@ WARN: Checks disabled
5765 ### LOGGING ###
5766 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5767 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5768--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5769+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5770 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5771 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5772 ### END LOGGING ###
5773@@ -1845,7 +1845,7 @@ WARN: Checks disabled
5774 ### LOGGING ###
5775 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5776 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5777--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5778+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5779 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5780 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5781 ### END LOGGING ###
5782@@ -1885,7 +1885,7 @@ WARN: Checks disabled
5783 ### LOGGING ###
5784 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5785 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5786--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5787+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5788 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5789 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5790 ### END LOGGING ###
5791@@ -1929,7 +1929,7 @@ WARN: Checks disabled
5792 ### LOGGING ###
5793 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5794 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5795--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5796+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5797 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5798 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5799 ### END LOGGING ###
5800@@ -1969,7 +1969,7 @@ WARN: Checks disabled
5801 ### LOGGING ###
5802 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5803 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5804--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5805+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5806 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5807 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5808 ### END LOGGING ###
5809@@ -2013,7 +2013,7 @@ WARN: Checks disabled
5810 ### LOGGING ###
5811 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5812 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5813--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5814+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5815 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5816 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5817 ### END LOGGING ###
5818@@ -2053,7 +2053,7 @@ WARN: Checks disabled
5819 ### LOGGING ###
5820 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5821 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5822--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5823+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5824 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5825 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5826 ### END LOGGING ###
5827@@ -2097,7 +2097,7 @@ WARN: Checks disabled
5828 ### LOGGING ###
5829 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5830 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5831--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5832+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5833 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5834 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5835 ### END LOGGING ###
5836@@ -2137,7 +2137,7 @@ WARN: Checks disabled
5837 ### LOGGING ###
5838 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5839 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5840--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5841+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5842 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5843 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5844 ### END LOGGING ###
5845@@ -2181,7 +2181,7 @@ WARN: Checks disabled
5846 ### LOGGING ###
5847 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5848 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5849--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5850+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5851 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5852 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5853 ### END LOGGING ###
5854@@ -2221,7 +2221,7 @@ WARN: Checks disabled
5855 ### LOGGING ###
5856 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5857 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5858--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5859+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5860 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5861 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5862 ### END LOGGING ###
5863@@ -2264,7 +2264,7 @@ WARN: Checks disabled
5864 ### LOGGING ###
5865 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5866 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5867--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5868+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5869 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5870 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5871 ### END LOGGING ###
5872@@ -2304,7 +2304,7 @@ WARN: Checks disabled
5873 ### LOGGING ###
5874 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5875 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5876--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5877+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5878 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5879 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5880 ### END LOGGING ###
5881@@ -2347,7 +2347,7 @@ WARN: Checks disabled
5882 ### LOGGING ###
5883 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5884 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5885--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5886+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5887 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5888 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5889 ### END LOGGING ###
5890@@ -2387,7 +2387,7 @@ WARN: Checks disabled
5891 ### LOGGING ###
5892 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5893 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5894--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5895+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5896 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5897 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5898 ### END LOGGING ###
5899@@ -2430,7 +2430,7 @@ WARN: Checks disabled
5900 ### LOGGING ###
5901 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5902 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5903--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5904+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5905 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5906 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5907 ### END LOGGING ###
5908@@ -2470,7 +2470,7 @@ WARN: Checks disabled
5909 ### LOGGING ###
5910 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5911 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5912--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5913+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5914 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5915 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5916 ### END LOGGING ###
5917@@ -2513,7 +2513,7 @@ WARN: Checks disabled
5918 ### LOGGING ###
5919 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5920 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5921--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5922+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5923 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5924 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5925 ### END LOGGING ###
5926@@ -2553,7 +2553,7 @@ WARN: Checks disabled
5927 ### LOGGING ###
5928 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5929 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5930--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5931+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5932 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5933 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5934 ### END LOGGING ###
5935@@ -2596,7 +2596,7 @@ WARN: Checks disabled
5936 ### LOGGING ###
5937 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5938 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5939--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5940+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5941 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5942 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5943 ### END LOGGING ###
5944@@ -2636,7 +2636,7 @@ WARN: Checks disabled
5945 ### LOGGING ###
5946 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5947 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5948--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5949+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5950 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5951 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5952 ### END LOGGING ###
5953@@ -2679,7 +2679,7 @@ WARN: Checks disabled
5954 ### LOGGING ###
5955 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5956 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5957--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5958+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5959 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5960 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5961 ### END LOGGING ###
5962@@ -2719,7 +2719,7 @@ WARN: Checks disabled
5963 ### LOGGING ###
5964 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5965 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5966--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5967+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5968 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5969 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5970 ### END LOGGING ###
5971@@ -2762,7 +2762,7 @@ WARN: Checks disabled
5972 ### LOGGING ###
5973 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5974 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5975--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5976+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5977 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5978 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5979 ### END LOGGING ###
5980@@ -2802,7 +2802,7 @@ WARN: Checks disabled
5981 ### LOGGING ###
5982 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5983 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5984--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5985+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5986 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5987 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5988 ### END LOGGING ###
5989@@ -2845,7 +2845,7 @@ WARN: Checks disabled
5990 ### LOGGING ###
5991 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5992 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5993--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5994+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
5995 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
5996 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
5997 ### END LOGGING ###
5998@@ -2885,7 +2885,7 @@ WARN: Checks disabled
5999 ### LOGGING ###
6000 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6001 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6002--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6003+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6004 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6005 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6006 ### END LOGGING ###
6007@@ -2928,7 +2928,7 @@ WARN: Checks disabled
6008 ### LOGGING ###
6009 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6010 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6011--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6012+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6013 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6014 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6015 ### END LOGGING ###
6016@@ -2968,7 +2968,7 @@ WARN: Checks disabled
6017 ### LOGGING ###
6018 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6019 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6020--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6021+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6022 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6023 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6024 ### END LOGGING ###
6025@@ -3011,7 +3011,7 @@ WARN: Checks disabled
6026 ### LOGGING ###
6027 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6028 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6029--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6030+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6031 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6032 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6033 ### END LOGGING ###
6034@@ -3051,7 +3051,7 @@ WARN: Checks disabled
6035 ### LOGGING ###
6036 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6037 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6038--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6039+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6040 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6041 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6042 ### END LOGGING ###
6043@@ -3094,7 +3094,7 @@ WARN: Checks disabled
6044 ### LOGGING ###
6045 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6046 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6047--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6048+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6049 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6050 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6051 ### END LOGGING ###
6052@@ -3134,7 +3134,7 @@ WARN: Checks disabled
6053 ### LOGGING ###
6054 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6055 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6056--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6057+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6058 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6059 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6060 ### END LOGGING ###
6061@@ -3177,7 +3177,7 @@ WARN: Checks disabled
6062 ### LOGGING ###
6063 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6064 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6065--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6066+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6067 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6068 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6069 ### END LOGGING ###
6070@@ -3217,7 +3217,7 @@ WARN: Checks disabled
6071 ### LOGGING ###
6072 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6073 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6074--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6075+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6076 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6077 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6078 ### END LOGGING ###
6079@@ -3260,7 +3260,7 @@ WARN: Checks disabled
6080 ### LOGGING ###
6081 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6082 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6083--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6084+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6085 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6086 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6087 ### END LOGGING ###
6088@@ -3300,7 +3300,7 @@ WARN: Checks disabled
6089 ### LOGGING ###
6090 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6091 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6092--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6093+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6094 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6095 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6096 ### END LOGGING ###
6097@@ -3344,7 +3344,7 @@ WARN: Checks disabled
6098 ### LOGGING ###
6099 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6100 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6101--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6102+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6103 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6104 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6105 ### END LOGGING ###
6106@@ -3384,7 +3384,7 @@ WARN: Checks disabled
6107 ### LOGGING ###
6108 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6109 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6110--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6111+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6112 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6113 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6114 ### END LOGGING ###
6115@@ -3428,7 +3428,7 @@ WARN: Checks disabled
6116 ### LOGGING ###
6117 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6118 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6119--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6120+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6121 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6122 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6123 ### END LOGGING ###
6124@@ -3468,7 +3468,7 @@ WARN: Checks disabled
6125 ### LOGGING ###
6126 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6127 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6128--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6129+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6130 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6131 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6132 ### END LOGGING ###
6133@@ -3512,7 +3512,7 @@ WARN: Checks disabled
6134 ### LOGGING ###
6135 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6136 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6137--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6138+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6139 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6140 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6141 ### END LOGGING ###
6142@@ -3552,7 +3552,7 @@ WARN: Checks disabled
6143 ### LOGGING ###
6144 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6145 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6146--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6147+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6148 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6149 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6150 ### END LOGGING ###
6151@@ -3596,7 +3596,7 @@ WARN: Checks disabled
6152 ### LOGGING ###
6153 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6154 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6155--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6156+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6157 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6158 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6159 ### END LOGGING ###
6160@@ -3636,7 +3636,7 @@ WARN: Checks disabled
6161 ### LOGGING ###
6162 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6163 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6164--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6165+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6166 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6167 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6168 ### END LOGGING ###
6169@@ -3680,7 +3680,7 @@ WARN: Checks disabled
6170 ### LOGGING ###
6171 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6172 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6173--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6174+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6175 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6176 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6177 ### END LOGGING ###
6178@@ -3720,7 +3720,7 @@ WARN: Checks disabled
6179 ### LOGGING ###
6180 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6181 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6182--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6183+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6184 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6185 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6186 ### END LOGGING ###
6187@@ -3763,7 +3763,7 @@ WARN: Checks disabled
6188 ### LOGGING ###
6189 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6190 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6191--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6192+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6193 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6194 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6195 ### END LOGGING ###
6196@@ -3803,7 +3803,7 @@ WARN: Checks disabled
6197 ### LOGGING ###
6198 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6199 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6200--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6201+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6202 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6203 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6204 ### END LOGGING ###
6205@@ -3846,7 +3846,7 @@ WARN: Checks disabled
6206 ### LOGGING ###
6207 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6208 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6209--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6210+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6211 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6212 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6213 ### END LOGGING ###
6214@@ -3886,7 +3886,7 @@ WARN: Checks disabled
6215 ### LOGGING ###
6216 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6217 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6218--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6219+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6220 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6221 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6222 ### END LOGGING ###
6223@@ -3929,7 +3929,7 @@ WARN: Checks disabled
6224 ### LOGGING ###
6225 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6226 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6227--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6228+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6229 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6230 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6231 ### END LOGGING ###
6232@@ -3969,7 +3969,7 @@ WARN: Checks disabled
6233 ### LOGGING ###
6234 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6235 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6236--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6237+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6238 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6239 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6240 ### END LOGGING ###
6241@@ -4012,7 +4012,7 @@ WARN: Checks disabled
6242 ### LOGGING ###
6243 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6244 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6245--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6246+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6247 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6248 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6249 ### END LOGGING ###
6250@@ -4052,7 +4052,7 @@ WARN: Checks disabled
6251 ### LOGGING ###
6252 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6253 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6254--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6255+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6256 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6257 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6258 ### END LOGGING ###
6259@@ -4095,7 +4095,7 @@ WARN: Checks disabled
6260 ### LOGGING ###
6261 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6262 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6263--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6264+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6265 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6266 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6267 ### END LOGGING ###
6268@@ -4135,7 +4135,7 @@ WARN: Checks disabled
6269 ### LOGGING ###
6270 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6271 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6272--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6273+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6274 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6275 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6276 ### END LOGGING ###
6277@@ -4178,7 +4178,7 @@ WARN: Checks disabled
6278 ### LOGGING ###
6279 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6280 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6281--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6282+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6283 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6284 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6285 ### END LOGGING ###
6286@@ -4218,7 +4218,7 @@ WARN: Checks disabled
6287 ### LOGGING ###
6288 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6289 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6290--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6291+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6292 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6293 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6294 ### END LOGGING ###
6295@@ -4261,7 +4261,7 @@ WARN: Checks disabled
6296 ### LOGGING ###
6297 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6298 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6299--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6300+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6301 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6302 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6303 ### END LOGGING ###
6304@@ -4301,7 +4301,7 @@ WARN: Checks disabled
6305 ### LOGGING ###
6306 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6307 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6308--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6309+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6310 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6311 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6312 ### END LOGGING ###
6313@@ -4344,7 +4344,7 @@ WARN: Checks disabled
6314 ### LOGGING ###
6315 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6316 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6317--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6318+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6319 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6320 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6321 ### END LOGGING ###
6322@@ -4384,7 +4384,7 @@ WARN: Checks disabled
6323 ### LOGGING ###
6324 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6325 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6326--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6327+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6328 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6329 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6330 ### END LOGGING ###
6331@@ -4427,7 +4427,7 @@ WARN: Checks disabled
6332 ### LOGGING ###
6333 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6334 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6335--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6336+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6337 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6338 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6339 ### END LOGGING ###
6340@@ -4467,7 +4467,7 @@ WARN: Checks disabled
6341 ### LOGGING ###
6342 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6343 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6344--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6345+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6346 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6347 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6348 ### END LOGGING ###
6349@@ -4510,7 +4510,7 @@ WARN: Checks disabled
6350 ### LOGGING ###
6351 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6352 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6353--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6354+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6355 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6356 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6357 ### END LOGGING ###
6358@@ -4550,7 +4550,7 @@ WARN: Checks disabled
6359 ### LOGGING ###
6360 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6361 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6362--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6363+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6364 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6365 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6366 ### END LOGGING ###
6367@@ -4586,8 +4586,8 @@ WARN: Checks disabled
6368 ### RULES ###
6369
6370 ### tuple ### limit any any 0.0.0.0/0 any 192.168.0.1 in
6371--A ufw-user-input -s 192.168.0.1 -m state --state NEW -m recent --set
6372--A ufw-user-input -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6373+-A ufw-user-input -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set
6374+-A ufw-user-input -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6375 -A ufw-user-input -s 192.168.0.1 -j ufw-user-limit-accept
6376
6377 ### END RULES ###
6378@@ -4595,7 +4595,7 @@ WARN: Checks disabled
6379 ### LOGGING ###
6380 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6381 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6382--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6383+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6384 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6385 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6386 ### END LOGGING ###
6387@@ -4635,7 +4635,7 @@ WARN: Checks disabled
6388 ### LOGGING ###
6389 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6390 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6391--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6392+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6393 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6394 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6395 ### END LOGGING ###
6396@@ -4671,8 +4671,8 @@ WARN: Checks disabled
6397 ### RULES ###
6398
6399 ### tuple ### limit any any 10.0.0.1 any 0.0.0.0/0 in
6400--A ufw-user-input -d 10.0.0.1 -m state --state NEW -m recent --set
6401--A ufw-user-input -d 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6402+-A ufw-user-input -d 10.0.0.1 -m conntrack --ctstate NEW -m recent --set
6403+-A ufw-user-input -d 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6404 -A ufw-user-input -d 10.0.0.1 -j ufw-user-limit-accept
6405
6406 ### END RULES ###
6407@@ -4680,7 +4680,7 @@ WARN: Checks disabled
6408 ### LOGGING ###
6409 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6410 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6411--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6412+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6413 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6414 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6415 ### END LOGGING ###
6416@@ -4720,7 +4720,7 @@ WARN: Checks disabled
6417 ### LOGGING ###
6418 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6419 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6420--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6421+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6422 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6423 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6424 ### END LOGGING ###
6425@@ -4756,8 +4756,8 @@ WARN: Checks disabled
6426 ### RULES ###
6427
6428 ### tuple ### limit any any 10.0.0.1 any 192.168.0.1 in
6429--A ufw-user-input -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m recent --set
6430--A ufw-user-input -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6431+-A ufw-user-input -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set
6432+-A ufw-user-input -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6433 -A ufw-user-input -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-limit-accept
6434
6435 ### END RULES ###
6436@@ -4765,7 +4765,7 @@ WARN: Checks disabled
6437 ### LOGGING ###
6438 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6439 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6440--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6441+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6442 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6443 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6444 ### END LOGGING ###
6445@@ -4805,7 +4805,7 @@ WARN: Checks disabled
6446 ### LOGGING ###
6447 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6448 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6449--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6450+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6451 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6452 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6453 ### END LOGGING ###
6454@@ -4841,11 +4841,11 @@ WARN: Checks disabled
6455 ### RULES ###
6456
6457 ### tuple ### limit any any 0.0.0.0/0 80 192.168.0.1 in
6458--A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
6459--A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6460+-A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
6461+-A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6462 -A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
6463--A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
6464--A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6465+-A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
6466+-A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6467 -A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
6468
6469 ### END RULES ###
6470@@ -4853,7 +4853,7 @@ WARN: Checks disabled
6471 ### LOGGING ###
6472 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6473 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6474--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6475+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6476 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6477 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6478 ### END LOGGING ###
6479@@ -4893,7 +4893,7 @@ WARN: Checks disabled
6480 ### LOGGING ###
6481 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6482 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6483--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6484+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6485 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6486 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6487 ### END LOGGING ###
6488@@ -4929,11 +4929,11 @@ WARN: Checks disabled
6489 ### RULES ###
6490
6491 ### tuple ### limit any 25 10.0.0.1 any 0.0.0.0/0 in
6492--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --set
6493--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6494+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --set
6495+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6496 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -j ufw-user-limit-accept
6497--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --set
6498--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6499+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --set
6500+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6501 -A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -j ufw-user-limit-accept
6502
6503 ### END RULES ###
6504@@ -4941,7 +4941,7 @@ WARN: Checks disabled
6505 ### LOGGING ###
6506 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6507 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6508--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6509+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6510 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6511 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6512 ### END LOGGING ###
6513@@ -4981,7 +4981,7 @@ WARN: Checks disabled
6514 ### LOGGING ###
6515 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6516 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6517--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6518+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6519 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6520 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6521 ### END LOGGING ###
6522@@ -5017,11 +5017,11 @@ WARN: Checks disabled
6523 ### RULES ###
6524
6525 ### tuple ### limit any any 10.0.0.1 80 192.168.0.1 in
6526--A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
6527--A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6528+-A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
6529+-A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6530 -A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
6531--A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
6532--A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6533+-A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
6534+-A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6535 -A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
6536
6537 ### END RULES ###
6538@@ -5029,7 +5029,7 @@ WARN: Checks disabled
6539 ### LOGGING ###
6540 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6541 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6542--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6543+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6544 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6545 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6546 ### END LOGGING ###
6547@@ -5069,7 +5069,7 @@ WARN: Checks disabled
6548 ### LOGGING ###
6549 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6550 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6551--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6552+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6553 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6554 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6555 ### END LOGGING ###
6556@@ -5105,11 +5105,11 @@ WARN: Checks disabled
6557 ### RULES ###
6558
6559 ### tuple ### limit any 25 10.0.0.1 any 192.168.0.1 in
6560--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --set
6561--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6562+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set
6563+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6564 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -j ufw-user-limit-accept
6565--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --set
6566--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6567+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set
6568+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6569 -A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -j ufw-user-limit-accept
6570
6571 ### END RULES ###
6572@@ -5117,7 +5117,7 @@ WARN: Checks disabled
6573 ### LOGGING ###
6574 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6575 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6576--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6577+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6578 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6579 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6580 ### END LOGGING ###
6581@@ -5157,7 +5157,7 @@ WARN: Checks disabled
6582 ### LOGGING ###
6583 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6584 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6585--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6586+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6587 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6588 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6589 ### END LOGGING ###
6590@@ -5193,11 +5193,11 @@ WARN: Checks disabled
6591 ### RULES ###
6592
6593 ### tuple ### limit any 25 10.0.0.1 80 192.168.0.1 in
6594--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
6595--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6596+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
6597+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6598 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
6599--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
6600--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6601+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
6602+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6603 -A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
6604
6605 ### END RULES ###
6606@@ -5205,7 +5205,7 @@ WARN: Checks disabled
6607 ### LOGGING ###
6608 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6609 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6610--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6611+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6612 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6613 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6614 ### END LOGGING ###
6615@@ -5245,7 +5245,7 @@ WARN: Checks disabled
6616 ### LOGGING ###
6617 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6618 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6619--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6620+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6621 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6622 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6623 ### END LOGGING ###
6624@@ -5281,8 +5281,8 @@ WARN: Checks disabled
6625 ### RULES ###
6626
6627 ### tuple ### limit udp any 0.0.0.0/0 80 192.168.0.1 in
6628--A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
6629--A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6630+-A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
6631+-A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6632 -A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
6633
6634 ### END RULES ###
6635@@ -5290,7 +5290,7 @@ WARN: Checks disabled
6636 ### LOGGING ###
6637 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6638 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6639--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6640+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6641 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6642 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6643 ### END LOGGING ###
6644@@ -5330,7 +5330,7 @@ WARN: Checks disabled
6645 ### LOGGING ###
6646 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6647 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6648--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6649+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6650 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6651 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6652 ### END LOGGING ###
6653@@ -5366,8 +5366,8 @@ WARN: Checks disabled
6654 ### RULES ###
6655
6656 ### tuple ### limit udp 25 10.0.0.1 any 0.0.0.0/0 in
6657--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --set
6658--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6659+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --set
6660+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6661 -A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -j ufw-user-limit-accept
6662
6663 ### END RULES ###
6664@@ -5375,7 +5375,7 @@ WARN: Checks disabled
6665 ### LOGGING ###
6666 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6667 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6668--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6669+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6670 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6671 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6672 ### END LOGGING ###
6673@@ -5415,7 +5415,7 @@ WARN: Checks disabled
6674 ### LOGGING ###
6675 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6676 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6677--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6678+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6679 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6680 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6681 ### END LOGGING ###
6682@@ -5451,8 +5451,8 @@ WARN: Checks disabled
6683 ### RULES ###
6684
6685 ### tuple ### limit udp any 10.0.0.1 80 192.168.0.1 in
6686--A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
6687--A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6688+-A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
6689+-A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6690 -A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
6691
6692 ### END RULES ###
6693@@ -5460,7 +5460,7 @@ WARN: Checks disabled
6694 ### LOGGING ###
6695 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6696 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6697--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6698+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6699 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6700 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6701 ### END LOGGING ###
6702@@ -5500,7 +5500,7 @@ WARN: Checks disabled
6703 ### LOGGING ###
6704 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6705 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6706--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6707+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6708 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6709 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6710 ### END LOGGING ###
6711@@ -5536,8 +5536,8 @@ WARN: Checks disabled
6712 ### RULES ###
6713
6714 ### tuple ### limit udp 25 10.0.0.1 any 192.168.0.1 in
6715--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --set
6716--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6717+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set
6718+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6719 -A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -j ufw-user-limit-accept
6720
6721 ### END RULES ###
6722@@ -5545,7 +5545,7 @@ WARN: Checks disabled
6723 ### LOGGING ###
6724 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6725 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6726--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6727+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6728 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6729 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6730 ### END LOGGING ###
6731@@ -5585,7 +5585,7 @@ WARN: Checks disabled
6732 ### LOGGING ###
6733 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6734 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6735--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6736+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6737 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6738 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6739 ### END LOGGING ###
6740@@ -5621,8 +5621,8 @@ WARN: Checks disabled
6741 ### RULES ###
6742
6743 ### tuple ### limit udp 25 10.0.0.1 80 192.168.0.1 in
6744--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
6745--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6746+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
6747+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6748 -A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
6749
6750 ### END RULES ###
6751@@ -5630,7 +5630,7 @@ WARN: Checks disabled
6752 ### LOGGING ###
6753 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6754 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6755--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6756+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6757 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6758 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6759 ### END LOGGING ###
6760@@ -5670,7 +5670,7 @@ WARN: Checks disabled
6761 ### LOGGING ###
6762 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6763 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6764--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6765+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6766 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6767 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6768 ### END LOGGING ###
6769@@ -5706,8 +5706,8 @@ WARN: Checks disabled
6770 ### RULES ###
6771
6772 ### tuple ### limit tcp any 0.0.0.0/0 80 192.168.0.1 in
6773--A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
6774--A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6775+-A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
6776+-A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6777 -A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
6778
6779 ### END RULES ###
6780@@ -5715,7 +5715,7 @@ WARN: Checks disabled
6781 ### LOGGING ###
6782 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6783 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6784--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6785+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6786 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6787 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6788 ### END LOGGING ###
6789@@ -5755,7 +5755,7 @@ WARN: Checks disabled
6790 ### LOGGING ###
6791 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6792 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6793--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6794+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6795 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6796 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6797 ### END LOGGING ###
6798@@ -5791,8 +5791,8 @@ WARN: Checks disabled
6799 ### RULES ###
6800
6801 ### tuple ### limit tcp 25 10.0.0.1 any 0.0.0.0/0 in
6802--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --set
6803--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6804+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --set
6805+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6806 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -j ufw-user-limit-accept
6807
6808 ### END RULES ###
6809@@ -5800,7 +5800,7 @@ WARN: Checks disabled
6810 ### LOGGING ###
6811 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6812 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6813--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6814+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6815 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6816 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6817 ### END LOGGING ###
6818@@ -5840,7 +5840,7 @@ WARN: Checks disabled
6819 ### LOGGING ###
6820 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6821 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6822--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6823+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6824 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6825 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6826 ### END LOGGING ###
6827@@ -5876,8 +5876,8 @@ WARN: Checks disabled
6828 ### RULES ###
6829
6830 ### tuple ### limit tcp any 10.0.0.1 80 192.168.0.1 in
6831--A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
6832--A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6833+-A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
6834+-A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6835 -A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
6836
6837 ### END RULES ###
6838@@ -5885,7 +5885,7 @@ WARN: Checks disabled
6839 ### LOGGING ###
6840 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6841 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6842--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6843+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6844 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6845 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6846 ### END LOGGING ###
6847@@ -5925,7 +5925,7 @@ WARN: Checks disabled
6848 ### LOGGING ###
6849 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6850 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6851--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6852+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6853 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6854 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6855 ### END LOGGING ###
6856@@ -5961,8 +5961,8 @@ WARN: Checks disabled
6857 ### RULES ###
6858
6859 ### tuple ### limit tcp 25 10.0.0.1 any 192.168.0.1 in
6860--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --set
6861--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6862+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set
6863+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6864 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -j ufw-user-limit-accept
6865
6866 ### END RULES ###
6867@@ -5970,7 +5970,7 @@ WARN: Checks disabled
6868 ### LOGGING ###
6869 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6870 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6871--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6872+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6873 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6874 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6875 ### END LOGGING ###
6876@@ -6010,7 +6010,7 @@ WARN: Checks disabled
6877 ### LOGGING ###
6878 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6879 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6880--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6881+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6882 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6883 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6884 ### END LOGGING ###
6885@@ -6046,8 +6046,8 @@ WARN: Checks disabled
6886 ### RULES ###
6887
6888 ### tuple ### limit tcp 25 10.0.0.1 80 192.168.0.1 in
6889--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
6890--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6891+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
6892+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
6893 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
6894
6895 ### END RULES ###
6896@@ -6055,7 +6055,7 @@ WARN: Checks disabled
6897 ### LOGGING ###
6898 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6899 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6900--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6901+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6902 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6903 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6904 ### END LOGGING ###
6905@@ -6095,7 +6095,7 @@ WARN: Checks disabled
6906 ### LOGGING ###
6907 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6908 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6909--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6910+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6911 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6912 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6913 ### END LOGGING ###
6914@@ -6139,7 +6139,7 @@ WARN: Checks disabled
6915 ### LOGGING ###
6916 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6917 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6918--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6919+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6920 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6921 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6922 ### END LOGGING ###
6923@@ -6179,7 +6179,7 @@ WARN: Checks disabled
6924 ### LOGGING ###
6925 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6926 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6927--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6928+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6929 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6930 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6931 ### END LOGGING ###
6932@@ -6222,7 +6222,7 @@ WARN: Checks disabled
6933 ### LOGGING ###
6934 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6935 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6936--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6937+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6938 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6939 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6940 ### END LOGGING ###
6941@@ -6262,7 +6262,7 @@ WARN: Checks disabled
6942 ### LOGGING ###
6943 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6944 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6945--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6946+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6947 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6948 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6949 ### END LOGGING ###
6950@@ -6305,7 +6305,7 @@ WARN: Checks disabled
6951 ### LOGGING ###
6952 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6953 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6954--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6955+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6956 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6957 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6958 ### END LOGGING ###
6959@@ -6345,7 +6345,7 @@ WARN: Checks disabled
6960 ### LOGGING ###
6961 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6962 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6963--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6964+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6965 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6966 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6967 ### END LOGGING ###
6968@@ -6388,7 +6388,7 @@ WARN: Checks disabled
6969 ### LOGGING ###
6970 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6971 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6972--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6973+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6974 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6975 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6976 ### END LOGGING ###
6977@@ -6428,7 +6428,7 @@ WARN: Checks disabled
6978 ### LOGGING ###
6979 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6980 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6981--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6982+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6983 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6984 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6985 ### END LOGGING ###
6986@@ -6471,7 +6471,7 @@ WARN: Checks disabled
6987 ### LOGGING ###
6988 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6989 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6990--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6991+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
6992 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6993 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
6994 ### END LOGGING ###
6995@@ -6511,7 +6511,7 @@ WARN: Checks disabled
6996 ### LOGGING ###
6997 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6998 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
6999--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7000+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7001 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7002 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7003 ### END LOGGING ###
7004@@ -6554,7 +6554,7 @@ WARN: Checks disabled
7005 ### LOGGING ###
7006 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7007 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7008--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7009+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7010 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7011 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7012 ### END LOGGING ###
7013@@ -6594,7 +6594,7 @@ WARN: Checks disabled
7014 ### LOGGING ###
7015 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7016 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7017--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7018+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7019 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7020 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7021 ### END LOGGING ###
7022@@ -6637,7 +6637,7 @@ WARN: Checks disabled
7023 ### LOGGING ###
7024 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7025 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7026--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7027+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7028 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7029 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7030 ### END LOGGING ###
7031@@ -6677,7 +6677,7 @@ WARN: Checks disabled
7032 ### LOGGING ###
7033 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7034 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7035--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7036+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7037 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7038 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7039 ### END LOGGING ###
7040@@ -6720,7 +6720,7 @@ WARN: Checks disabled
7041 ### LOGGING ###
7042 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7043 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7044--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7045+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7046 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7047 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7048 ### END LOGGING ###
7049@@ -6760,7 +6760,7 @@ WARN: Checks disabled
7050 ### LOGGING ###
7051 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7052 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7053--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7054+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7055 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7056 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7057 ### END LOGGING ###
7058@@ -6803,7 +6803,7 @@ WARN: Checks disabled
7059 ### LOGGING ###
7060 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7061 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7062--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7063+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7064 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7065 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7066 ### END LOGGING ###
7067@@ -6843,7 +6843,7 @@ WARN: Checks disabled
7068 ### LOGGING ###
7069 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7070 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7071--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7072+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7073 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7074 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7075 ### END LOGGING ###
7076@@ -6886,7 +6886,7 @@ WARN: Checks disabled
7077 ### LOGGING ###
7078 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7079 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7080--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7081+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7082 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7083 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7084 ### END LOGGING ###
7085@@ -6926,7 +6926,7 @@ WARN: Checks disabled
7086 ### LOGGING ###
7087 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7088 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7089--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7090+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7091 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7092 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7093 ### END LOGGING ###
7094@@ -6970,7 +6970,7 @@ WARN: Checks disabled
7095 ### LOGGING ###
7096 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7097 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7098--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7099+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7100 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7101 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7102 ### END LOGGING ###
7103@@ -7010,7 +7010,7 @@ WARN: Checks disabled
7104 ### LOGGING ###
7105 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7106 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7107--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7108+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7109 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7110 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7111 ### END LOGGING ###
7112@@ -7054,7 +7054,7 @@ WARN: Checks disabled
7113 ### LOGGING ###
7114 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7115 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7116--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7117+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7118 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7119 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7120 ### END LOGGING ###
7121@@ -7094,7 +7094,7 @@ WARN: Checks disabled
7122 ### LOGGING ###
7123 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7124 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7125--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7126+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7127 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7128 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7129 ### END LOGGING ###
7130@@ -7138,7 +7138,7 @@ WARN: Checks disabled
7131 ### LOGGING ###
7132 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7133 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7134--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7135+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7136 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7137 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7138 ### END LOGGING ###
7139@@ -7178,7 +7178,7 @@ WARN: Checks disabled
7140 ### LOGGING ###
7141 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7142 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7143--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7144+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7145 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7146 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7147 ### END LOGGING ###
7148@@ -7221,7 +7221,7 @@ WARN: Checks disabled
7149 ### LOGGING ###
7150 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7151 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7152--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7153+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7154 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7155 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7156 ### END LOGGING ###
7157@@ -7261,7 +7261,7 @@ WARN: Checks disabled
7158 ### LOGGING ###
7159 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7160 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7161--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7162+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7163 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7164 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7165 ### END LOGGING ###
7166@@ -7304,7 +7304,7 @@ WARN: Checks disabled
7167 ### LOGGING ###
7168 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7169 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7170--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7171+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7172 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7173 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7174 ### END LOGGING ###
7175@@ -7344,7 +7344,7 @@ WARN: Checks disabled
7176 ### LOGGING ###
7177 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7178 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7179--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7180+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7181 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7182 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7183 ### END LOGGING ###
7184@@ -7387,7 +7387,7 @@ WARN: Checks disabled
7185 ### LOGGING ###
7186 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7187 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7188--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7189+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7190 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7191 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7192 ### END LOGGING ###
7193@@ -7427,7 +7427,7 @@ WARN: Checks disabled
7194 ### LOGGING ###
7195 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7196 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7197--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7198+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7199 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7200 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7201 ### END LOGGING ###
7202@@ -7470,7 +7470,7 @@ WARN: Checks disabled
7203 ### LOGGING ###
7204 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7205 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7206--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7207+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7208 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7209 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7210 ### END LOGGING ###
7211@@ -7510,7 +7510,7 @@ WARN: Checks disabled
7212 ### LOGGING ###
7213 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7214 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7215--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7216+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7217 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7218 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7219 ### END LOGGING ###
7220@@ -7553,7 +7553,7 @@ WARN: Checks disabled
7221 ### LOGGING ###
7222 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7223 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7224--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7225+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7226 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7227 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7228 ### END LOGGING ###
7229@@ -7593,7 +7593,7 @@ WARN: Checks disabled
7230 ### LOGGING ###
7231 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7232 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7233--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7234+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7235 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7236 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7237 ### END LOGGING ###
7238@@ -7636,7 +7636,7 @@ WARN: Checks disabled
7239 ### LOGGING ###
7240 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7241 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7242--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7243+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7244 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7245 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7246 ### END LOGGING ###
7247@@ -7676,7 +7676,7 @@ WARN: Checks disabled
7248 ### LOGGING ###
7249 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7250 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7251--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7252+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7253 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7254 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7255 ### END LOGGING ###
7256@@ -7719,7 +7719,7 @@ WARN: Checks disabled
7257 ### LOGGING ###
7258 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7259 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7260--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7261+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7262 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7263 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7264 ### END LOGGING ###
7265@@ -7759,7 +7759,7 @@ WARN: Checks disabled
7266 ### LOGGING ###
7267 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7268 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7269--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7270+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7271 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7272 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7273 ### END LOGGING ###
7274@@ -7802,7 +7802,7 @@ WARN: Checks disabled
7275 ### LOGGING ###
7276 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7277 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7278--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7279+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7280 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7281 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7282 ### END LOGGING ###
7283@@ -7842,7 +7842,7 @@ WARN: Checks disabled
7284 ### LOGGING ###
7285 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7286 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7287--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7288+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7289 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7290 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7291 ### END LOGGING ###
7292@@ -7885,7 +7885,7 @@ WARN: Checks disabled
7293 ### LOGGING ###
7294 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7295 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7296--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7297+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7298 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7299 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7300 ### END LOGGING ###
7301@@ -7925,7 +7925,7 @@ WARN: Checks disabled
7302 ### LOGGING ###
7303 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7304 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7305--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7306+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7307 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7308 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7309 ### END LOGGING ###
7310@@ -7968,7 +7968,7 @@ WARN: Checks disabled
7311 ### LOGGING ###
7312 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7313 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7314--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7315+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7316 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7317 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7318 ### END LOGGING ###
7319@@ -8008,7 +8008,7 @@ WARN: Checks disabled
7320 ### LOGGING ###
7321 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7322 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7323--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7324+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7325 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7326 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7327 ### END LOGGING ###
7328@@ -8051,7 +8051,7 @@ WARN: Checks disabled
7329 ### LOGGING ###
7330 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7331 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7332--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7333+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7334 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7335 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7336 ### END LOGGING ###
7337@@ -8091,7 +8091,7 @@ WARN: Checks disabled
7338 ### LOGGING ###
7339 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7340 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7341--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7342+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7343 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7344 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7345 ### END LOGGING ###
7346@@ -8134,7 +8134,7 @@ WARN: Checks disabled
7347 ### LOGGING ###
7348 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7349 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7350--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7351+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7352 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7353 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7354 ### END LOGGING ###
7355@@ -8174,7 +8174,7 @@ WARN: Checks disabled
7356 ### LOGGING ###
7357 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7358 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7359--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7360+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7361 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7362 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7363 ### END LOGGING ###
7364@@ -8217,7 +8217,7 @@ WARN: Checks disabled
7365 ### LOGGING ###
7366 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7367 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7368--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7369+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7370 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7371 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7372 ### END LOGGING ###
7373@@ -8257,7 +8257,7 @@ WARN: Checks disabled
7374 ### LOGGING ###
7375 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7376 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7377--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7378+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7379 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7380 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7381 ### END LOGGING ###
7382@@ -8300,7 +8300,7 @@ WARN: Checks disabled
7383 ### LOGGING ###
7384 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7385 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7386--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7387+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7388 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7389 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7390 ### END LOGGING ###
7391@@ -8340,7 +8340,7 @@ WARN: Checks disabled
7392 ### LOGGING ###
7393 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7394 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7395--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7396+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7397 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7398 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7399 ### END LOGGING ###
7400@@ -8383,7 +8383,7 @@ WARN: Checks disabled
7401 ### LOGGING ###
7402 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7403 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7404--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7405+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7406 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7407 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7408 ### END LOGGING ###
7409@@ -8423,7 +8423,7 @@ WARN: Checks disabled
7410 ### LOGGING ###
7411 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7412 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7413--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7414+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7415 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7416 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7417 ### END LOGGING ###
7418@@ -8466,7 +8466,7 @@ WARN: Checks disabled
7419 ### LOGGING ###
7420 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7421 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7422--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7423+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7424 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7425 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7426 ### END LOGGING ###
7427@@ -8506,7 +8506,7 @@ WARN: Checks disabled
7428 ### LOGGING ###
7429 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7430 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7431--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7432+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7433 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7434 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7435 ### END LOGGING ###
7436@@ -8550,7 +8550,7 @@ WARN: Checks disabled
7437 ### LOGGING ###
7438 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7439 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7440--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7441+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7442 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7443 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7444 ### END LOGGING ###
7445@@ -8594,7 +8594,7 @@ WARN: Checks disabled
7446 ### LOGGING ###
7447 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7448 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7449--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7450+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7451 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7452 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7453 ### END LOGGING ###
7454@@ -8637,7 +8637,7 @@ WARN: Checks disabled
7455 ### LOGGING ###
7456 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7457 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7458--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7459+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7460 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7461 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7462 ### END LOGGING ###
7463@@ -8680,7 +8680,7 @@ WARN: Checks disabled
7464 ### LOGGING ###
7465 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7466 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7467--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7468+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7469 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7470 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7471 ### END LOGGING ###
7472@@ -8724,7 +8724,7 @@ WARN: Checks disabled
7473 ### LOGGING ###
7474 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7475 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7476--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7477+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7478 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7479 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7480 ### END LOGGING ###
7481@@ -8767,7 +8767,7 @@ WARN: Checks disabled
7482 ### LOGGING ###
7483 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7484 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7485--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7486+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7487 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7488 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7489 ### END LOGGING ###
7490@@ -8810,7 +8810,7 @@ WARN: Checks disabled
7491 ### LOGGING ###
7492 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7493 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7494--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7495+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7496 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7497 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7498 ### END LOGGING ###
7499@@ -8854,7 +8854,7 @@ WARN: Checks disabled
7500 ### LOGGING ###
7501 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7502 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7503--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7504+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7505 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7506 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7507 ### END LOGGING ###
7508@@ -8898,7 +8898,7 @@ WARN: Checks disabled
7509 ### LOGGING ###
7510 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7511 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7512--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7513+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7514 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7515 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7516 ### END LOGGING ###
7517@@ -8941,7 +8941,7 @@ WARN: Checks disabled
7518 ### LOGGING ###
7519 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7520 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7521--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7522+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7523 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7524 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7525 ### END LOGGING ###
7526@@ -8984,7 +8984,7 @@ WARN: Checks disabled
7527 ### LOGGING ###
7528 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7529 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7530--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7531+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7532 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7533 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7534 ### END LOGGING ###
7535@@ -9027,7 +9027,7 @@ WARN: Checks disabled
7536 ### LOGGING ###
7537 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7538 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7539--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7540+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7541 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7542 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7543 ### END LOGGING ###
7544@@ -9070,7 +9070,7 @@ WARN: Checks disabled
7545 ### LOGGING ###
7546 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7547 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7548--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7549+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7550 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7551 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7552 ### END LOGGING ###
7553@@ -9113,7 +9113,7 @@ WARN: Checks disabled
7554 ### LOGGING ###
7555 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7556 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7557--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7558+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7559 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7560 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7561 ### END LOGGING ###
7562@@ -9156,7 +9156,7 @@ WARN: Checks disabled
7563 ### LOGGING ###
7564 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7565 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7566--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7567+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7568 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7569 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7570 ### END LOGGING ###
7571@@ -9199,7 +9199,7 @@ WARN: Checks disabled
7572 ### LOGGING ###
7573 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7574 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7575--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7576+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7577 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7578 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7579 ### END LOGGING ###
7580@@ -9242,7 +9242,7 @@ WARN: Checks disabled
7581 ### LOGGING ###
7582 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7583 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7584--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7585+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7586 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7587 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7588 ### END LOGGING ###
7589@@ -9285,7 +9285,7 @@ WARN: Checks disabled
7590 ### LOGGING ###
7591 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7592 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7593--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7594+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7595 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7596 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7597 ### END LOGGING ###
7598@@ -9328,7 +9328,7 @@ WARN: Checks disabled
7599 ### LOGGING ###
7600 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7601 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7602--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7603+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7604 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7605 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7606 ### END LOGGING ###
7607@@ -9371,7 +9371,7 @@ WARN: Checks disabled
7608 ### LOGGING ###
7609 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7610 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7611--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7612+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7613 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7614 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7615 ### END LOGGING ###
7616@@ -9414,7 +9414,7 @@ WARN: Checks disabled
7617 ### LOGGING ###
7618 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7619 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7620--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7621+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7622 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7623 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7624 ### END LOGGING ###
7625@@ -9457,7 +9457,7 @@ WARN: Checks disabled
7626 ### LOGGING ###
7627 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7628 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7629--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7630+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7631 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7632 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7633 ### END LOGGING ###
7634@@ -9500,7 +9500,7 @@ WARN: Checks disabled
7635 ### LOGGING ###
7636 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7637 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7638--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7639+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7640 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7641 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7642 ### END LOGGING ###
7643@@ -9543,7 +9543,7 @@ WARN: Checks disabled
7644 ### LOGGING ###
7645 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7646 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7647--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7648+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7649 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7650 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7651 ### END LOGGING ###
7652@@ -9586,7 +9586,7 @@ WARN: Checks disabled
7653 ### LOGGING ###
7654 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7655 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7656--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7657+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7658 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7659 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7660 ### END LOGGING ###
7661@@ -9629,7 +9629,7 @@ WARN: Checks disabled
7662 ### LOGGING ###
7663 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7664 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7665--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7666+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7667 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7668 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7669 ### END LOGGING ###
7670@@ -9672,7 +9672,7 @@ WARN: Checks disabled
7671 ### LOGGING ###
7672 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7673 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7674--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7675+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7676 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7677 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7678 ### END LOGGING ###
7679@@ -9715,7 +9715,7 @@ WARN: Checks disabled
7680 ### LOGGING ###
7681 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7682 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7683--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7684+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7685 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7686 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7687 ### END LOGGING ###
7688@@ -9758,7 +9758,7 @@ WARN: Checks disabled
7689 ### LOGGING ###
7690 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7691 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7692--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7693+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7694 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7695 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7696 ### END LOGGING ###
7697@@ -9801,7 +9801,7 @@ WARN: Checks disabled
7698 ### LOGGING ###
7699 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7700 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7701--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7702+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7703 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7704 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7705 ### END LOGGING ###
7706@@ -9844,7 +9844,7 @@ WARN: Checks disabled
7707 ### LOGGING ###
7708 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7709 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7710--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7711+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7712 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7713 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7714 ### END LOGGING ###
7715@@ -9887,7 +9887,7 @@ WARN: Checks disabled
7716 ### LOGGING ###
7717 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7718 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7719--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7720+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7721 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7722 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7723 ### END LOGGING ###
7724@@ -9930,7 +9930,7 @@ WARN: Checks disabled
7725 ### LOGGING ###
7726 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7727 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7728--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7729+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7730 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7731 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7732 ### END LOGGING ###
7733@@ -9973,7 +9973,7 @@ WARN: Checks disabled
7734 ### LOGGING ###
7735 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7736 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7737--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7738+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7739 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7740 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7741 ### END LOGGING ###
7742@@ -10016,7 +10016,7 @@ WARN: Checks disabled
7743 ### LOGGING ###
7744 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7745 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7746--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7747+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7748 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7749 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7750 ### END LOGGING ###
7751@@ -10059,7 +10059,7 @@ WARN: Checks disabled
7752 ### LOGGING ###
7753 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7754 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7755--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7756+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7757 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7758 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7759 ### END LOGGING ###
7760@@ -10102,7 +10102,7 @@ WARN: Checks disabled
7761 ### LOGGING ###
7762 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7763 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7764--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7765+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7766 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7767 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7768 ### END LOGGING ###
7769@@ -10145,7 +10145,7 @@ WARN: Checks disabled
7770 ### LOGGING ###
7771 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7772 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7773--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7774+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7775 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7776 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7777 ### END LOGGING ###
7778@@ -10188,7 +10188,7 @@ WARN: Checks disabled
7779 ### LOGGING ###
7780 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7781 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7782--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7783+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7784 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7785 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7786 ### END LOGGING ###
7787@@ -10231,7 +10231,7 @@ WARN: Checks disabled
7788 ### LOGGING ###
7789 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7790 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7791--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7792+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7793 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7794 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7795 ### END LOGGING ###
7796@@ -10274,7 +10274,7 @@ WARN: Checks disabled
7797 ### LOGGING ###
7798 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7799 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7800--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7801+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7802 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7803 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7804 ### END LOGGING ###
7805@@ -10317,7 +10317,7 @@ WARN: Checks disabled
7806 ### LOGGING ###
7807 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7808 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7809--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7810+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7811 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7812 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7813 ### END LOGGING ###
7814@@ -10360,7 +10360,7 @@ WARN: Checks disabled
7815 ### LOGGING ###
7816 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7817 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7818--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7819+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7820 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7821 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7822 ### END LOGGING ###
7823@@ -10403,7 +10403,7 @@ WARN: Checks disabled
7824 ### LOGGING ###
7825 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7826 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7827--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7828+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7829 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7830 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7831 ### END LOGGING ###
7832@@ -10446,7 +10446,7 @@ WARN: Checks disabled
7833 ### LOGGING ###
7834 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7835 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7836--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7837+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7838 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7839 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7840 ### END LOGGING ###
7841@@ -10489,7 +10489,7 @@ WARN: Checks disabled
7842 ### LOGGING ###
7843 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7844 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7845--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7846+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7847 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7848 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7849 ### END LOGGING ###
7850@@ -10532,7 +10532,7 @@ WARN: Checks disabled
7851 ### LOGGING ###
7852 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7853 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7854--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7855+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7856 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7857 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7858 ### END LOGGING ###
7859@@ -10575,7 +10575,7 @@ WARN: Checks disabled
7860 ### LOGGING ###
7861 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7862 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7863--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7864+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7865 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7866 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7867 ### END LOGGING ###
7868@@ -10618,7 +10618,7 @@ WARN: Checks disabled
7869 ### LOGGING ###
7870 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7871 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7872--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7873+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7874 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7875 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7876 ### END LOGGING ###
7877@@ -10661,7 +10661,7 @@ WARN: Checks disabled
7878 ### LOGGING ###
7879 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7880 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7881--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7882+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7883 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7884 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7885 ### END LOGGING ###
7886@@ -10704,7 +10704,7 @@ WARN: Checks disabled
7887 ### LOGGING ###
7888 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7889 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7890--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7891+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7892 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7893 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7894 ### END LOGGING ###
7895@@ -10747,7 +10747,7 @@ WARN: Checks disabled
7896 ### LOGGING ###
7897 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7898 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7899--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7900+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7901 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7902 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7903 ### END LOGGING ###
7904@@ -10790,7 +10790,7 @@ WARN: Checks disabled
7905 ### LOGGING ###
7906 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7907 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7908--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7909+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7910 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7911 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7912 ### END LOGGING ###
7913@@ -10833,7 +10833,7 @@ WARN: Checks disabled
7914 ### LOGGING ###
7915 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7916 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7917--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7918+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7919 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7920 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7921 ### END LOGGING ###
7922@@ -10876,7 +10876,7 @@ WARN: Checks disabled
7923 ### LOGGING ###
7924 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7925 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7926--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7927+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7928 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7929 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7930 ### END LOGGING ###
7931@@ -10919,7 +10919,7 @@ WARN: Checks disabled
7932 ### LOGGING ###
7933 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7934 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7935--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7936+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7937 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7938 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7939 ### END LOGGING ###
7940@@ -10962,7 +10962,7 @@ WARN: Checks disabled
7941 ### LOGGING ###
7942 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7943 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7944--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7945+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7946 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7947 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7948 ### END LOGGING ###
7949@@ -11005,7 +11005,7 @@ WARN: Checks disabled
7950 ### LOGGING ###
7951 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7952 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7953--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7954+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7955 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7956 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7957 ### END LOGGING ###
7958@@ -11048,7 +11048,7 @@ WARN: Checks disabled
7959 ### LOGGING ###
7960 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7961 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7962--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7963+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7964 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7965 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7966 ### END LOGGING ###
7967@@ -11091,7 +11091,7 @@ WARN: Checks disabled
7968 ### LOGGING ###
7969 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7970 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7971--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7972+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7973 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7974 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7975 ### END LOGGING ###
7976@@ -11134,7 +11134,7 @@ WARN: Checks disabled
7977 ### LOGGING ###
7978 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7979 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7980--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7981+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7982 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7983 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7984 ### END LOGGING ###
7985@@ -11177,7 +11177,7 @@ WARN: Checks disabled
7986 ### LOGGING ###
7987 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7988 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7989--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7990+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7991 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7992 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
7993 ### END LOGGING ###
7994@@ -11220,7 +11220,7 @@ WARN: Checks disabled
7995 ### LOGGING ###
7996 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7997 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
7998--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
7999+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8000 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8001 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8002 ### END LOGGING ###
8003@@ -11263,7 +11263,7 @@ WARN: Checks disabled
8004 ### LOGGING ###
8005 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8006 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8007--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8008+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8009 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8010 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8011 ### END LOGGING ###
8012@@ -11306,7 +11306,7 @@ WARN: Checks disabled
8013 ### LOGGING ###
8014 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8015 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8016--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8017+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8018 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8019 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8020 ### END LOGGING ###
8021@@ -11349,7 +11349,7 @@ WARN: Checks disabled
8022 ### LOGGING ###
8023 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8024 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8025--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8026+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8027 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8028 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8029 ### END LOGGING ###
8030@@ -11392,7 +11392,7 @@ WARN: Checks disabled
8031 ### LOGGING ###
8032 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8033 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8034--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8035+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8036 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8037 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8038 ### END LOGGING ###
8039@@ -11435,7 +11435,7 @@ WARN: Checks disabled
8040 ### LOGGING ###
8041 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8042 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8043--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8044+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8045 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8046 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8047 ### END LOGGING ###
8048@@ -11478,7 +11478,7 @@ WARN: Checks disabled
8049 ### LOGGING ###
8050 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8051 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8052--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8053+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8054 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8055 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8056 ### END LOGGING ###
8057@@ -11521,7 +11521,7 @@ WARN: Checks disabled
8058 ### LOGGING ###
8059 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8060 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8061--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8062+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8063 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8064 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8065 ### END LOGGING ###
8066@@ -11564,7 +11564,7 @@ WARN: Checks disabled
8067 ### LOGGING ###
8068 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8069 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8070--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8071+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8072 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8073 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8074 ### END LOGGING ###
8075@@ -11607,7 +11607,7 @@ WARN: Checks disabled
8076 ### LOGGING ###
8077 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8078 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8079--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8080+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8081 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8082 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8083 ### END LOGGING ###
8084@@ -11650,7 +11650,7 @@ WARN: Checks disabled
8085 ### LOGGING ###
8086 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8087 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8088--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8089+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8090 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8091 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8092 ### END LOGGING ###
8093@@ -11693,7 +11693,7 @@ WARN: Checks disabled
8094 ### LOGGING ###
8095 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8096 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8097--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8098+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8099 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8100 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8101 ### END LOGGING ###
8102@@ -11736,7 +11736,7 @@ WARN: Checks disabled
8103 ### LOGGING ###
8104 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8105 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8106--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8107+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8108 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8109 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8110 ### END LOGGING ###
8111@@ -11779,7 +11779,7 @@ WARN: Checks disabled
8112 ### LOGGING ###
8113 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8114 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8115--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8116+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8117 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8118 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8119 ### END LOGGING ###
8120@@ -11815,8 +11815,8 @@ WARN: Checks disabled
8121 ### RULES ###
8122
8123 ### tuple ### limit tcp 34,35 0.0.0.0/0 any 0.0.0.0/0 in
8124--A ufw-user-input -p tcp -m multiport --dports 34,35 -m state --state NEW -m recent --set
8125--A ufw-user-input -p tcp -m multiport --dports 34,35 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8126+-A ufw-user-input -p tcp -m multiport --dports 34,35 -m conntrack --ctstate NEW -m recent --set
8127+-A ufw-user-input -p tcp -m multiport --dports 34,35 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8128 -A ufw-user-input -p tcp -m multiport --dports 34,35 -j ufw-user-limit-accept
8129
8130 ### END RULES ###
8131@@ -11824,7 +11824,7 @@ WARN: Checks disabled
8132 ### LOGGING ###
8133 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8134 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8135--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8136+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8137 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8138 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8139 ### END LOGGING ###
8140@@ -11860,8 +11860,8 @@ WARN: Checks disabled
8141 ### RULES ###
8142
8143 ### tuple ### limit tcp 34,35:39 0.0.0.0/0 any 0.0.0.0/0 in
8144--A ufw-user-input -p tcp -m multiport --dports 34,35:39 -m state --state NEW -m recent --set
8145--A ufw-user-input -p tcp -m multiport --dports 34,35:39 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8146+-A ufw-user-input -p tcp -m multiport --dports 34,35:39 -m conntrack --ctstate NEW -m recent --set
8147+-A ufw-user-input -p tcp -m multiport --dports 34,35:39 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8148 -A ufw-user-input -p tcp -m multiport --dports 34,35:39 -j ufw-user-limit-accept
8149
8150 ### END RULES ###
8151@@ -11869,7 +11869,7 @@ WARN: Checks disabled
8152 ### LOGGING ###
8153 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8154 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8155--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8156+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8157 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8158 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8159 ### END LOGGING ###
8160@@ -11905,8 +11905,8 @@ WARN: Checks disabled
8161 ### RULES ###
8162
8163 ### tuple ### limit tcp 35:39 0.0.0.0/0 any 0.0.0.0/0 in
8164--A ufw-user-input -p tcp -m multiport --dports 35:39 -m state --state NEW -m recent --set
8165--A ufw-user-input -p tcp -m multiport --dports 35:39 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8166+-A ufw-user-input -p tcp -m multiport --dports 35:39 -m conntrack --ctstate NEW -m recent --set
8167+-A ufw-user-input -p tcp -m multiport --dports 35:39 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8168 -A ufw-user-input -p tcp -m multiport --dports 35:39 -j ufw-user-limit-accept
8169
8170 ### END RULES ###
8171@@ -11914,7 +11914,7 @@ WARN: Checks disabled
8172 ### LOGGING ###
8173 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8174 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8175--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8176+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8177 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8178 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8179 ### END LOGGING ###
8180@@ -11950,8 +11950,8 @@ WARN: Checks disabled
8181 ### RULES ###
8182
8183 ### tuple ### limit tcp 15:19,21,22,23 0.0.0.0/0 any 0.0.0.0/0 in
8184--A ufw-user-input -p tcp -m multiport --dports 15:19,21,22,23 -m state --state NEW -m recent --set
8185--A ufw-user-input -p tcp -m multiport --dports 15:19,21,22,23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8186+-A ufw-user-input -p tcp -m multiport --dports 15:19,21,22,23 -m conntrack --ctstate NEW -m recent --set
8187+-A ufw-user-input -p tcp -m multiport --dports 15:19,21,22,23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8188 -A ufw-user-input -p tcp -m multiport --dports 15:19,21,22,23 -j ufw-user-limit-accept
8189
8190 ### END RULES ###
8191@@ -11959,7 +11959,7 @@ WARN: Checks disabled
8192 ### LOGGING ###
8193 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8194 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8195--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8196+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8197 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8198 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8199 ### END LOGGING ###
8200@@ -11995,8 +11995,8 @@ WARN: Checks disabled
8201 ### RULES ###
8202
8203 ### tuple ### limit tcp 1,9 0.0.0.0/0 any 0.0.0.0/0 in
8204--A ufw-user-input -p tcp -m multiport --dports 1,9 -m state --state NEW -m recent --set
8205--A ufw-user-input -p tcp -m multiport --dports 1,9 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8206+-A ufw-user-input -p tcp -m multiport --dports 1,9 -m conntrack --ctstate NEW -m recent --set
8207+-A ufw-user-input -p tcp -m multiport --dports 1,9 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8208 -A ufw-user-input -p tcp -m multiport --dports 1,9 -j ufw-user-limit-accept
8209
8210 ### END RULES ###
8211@@ -12004,7 +12004,7 @@ WARN: Checks disabled
8212 ### LOGGING ###
8213 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8214 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8215--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8216+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8217 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8218 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8219 ### END LOGGING ###
8220@@ -12040,8 +12040,8 @@ WARN: Checks disabled
8221 ### RULES ###
8222
8223 ### tuple ### limit udp 34,35 0.0.0.0/0 any 0.0.0.0/0 in
8224--A ufw-user-input -p udp -m multiport --dports 34,35 -m state --state NEW -m recent --set
8225--A ufw-user-input -p udp -m multiport --dports 34,35 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8226+-A ufw-user-input -p udp -m multiport --dports 34,35 -m conntrack --ctstate NEW -m recent --set
8227+-A ufw-user-input -p udp -m multiport --dports 34,35 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8228 -A ufw-user-input -p udp -m multiport --dports 34,35 -j ufw-user-limit-accept
8229
8230 ### END RULES ###
8231@@ -12049,7 +12049,7 @@ WARN: Checks disabled
8232 ### LOGGING ###
8233 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8234 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8235--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8236+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8237 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8238 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8239 ### END LOGGING ###
8240@@ -12085,8 +12085,8 @@ WARN: Checks disabled
8241 ### RULES ###
8242
8243 ### tuple ### limit udp 34,35:39 0.0.0.0/0 any 0.0.0.0/0 in
8244--A ufw-user-input -p udp -m multiport --dports 34,35:39 -m state --state NEW -m recent --set
8245--A ufw-user-input -p udp -m multiport --dports 34,35:39 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8246+-A ufw-user-input -p udp -m multiport --dports 34,35:39 -m conntrack --ctstate NEW -m recent --set
8247+-A ufw-user-input -p udp -m multiport --dports 34,35:39 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8248 -A ufw-user-input -p udp -m multiport --dports 34,35:39 -j ufw-user-limit-accept
8249
8250 ### END RULES ###
8251@@ -12094,7 +12094,7 @@ WARN: Checks disabled
8252 ### LOGGING ###
8253 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8254 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8255--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8256+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8257 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8258 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8259 ### END LOGGING ###
8260@@ -12130,8 +12130,8 @@ WARN: Checks disabled
8261 ### RULES ###
8262
8263 ### tuple ### limit udp 35:39 0.0.0.0/0 any 0.0.0.0/0 in
8264--A ufw-user-input -p udp -m multiport --dports 35:39 -m state --state NEW -m recent --set
8265--A ufw-user-input -p udp -m multiport --dports 35:39 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8266+-A ufw-user-input -p udp -m multiport --dports 35:39 -m conntrack --ctstate NEW -m recent --set
8267+-A ufw-user-input -p udp -m multiport --dports 35:39 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8268 -A ufw-user-input -p udp -m multiport --dports 35:39 -j ufw-user-limit-accept
8269
8270 ### END RULES ###
8271@@ -12139,7 +12139,7 @@ WARN: Checks disabled
8272 ### LOGGING ###
8273 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8274 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8275--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8276+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8277 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8278 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8279 ### END LOGGING ###
8280@@ -12175,8 +12175,8 @@ WARN: Checks disabled
8281 ### RULES ###
8282
8283 ### tuple ### limit udp 15:19,21,22,23 0.0.0.0/0 any 0.0.0.0/0 in
8284--A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -m state --state NEW -m recent --set
8285--A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8286+-A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -m conntrack --ctstate NEW -m recent --set
8287+-A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8288 -A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -j ufw-user-limit-accept
8289
8290 ### END RULES ###
8291@@ -12184,7 +12184,7 @@ WARN: Checks disabled
8292 ### LOGGING ###
8293 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8294 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8295--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8296+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8297 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8298 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8299 ### END LOGGING ###
8300@@ -12220,8 +12220,8 @@ WARN: Checks disabled
8301 ### RULES ###
8302
8303 ### tuple ### limit udp 1,9 0.0.0.0/0 any 0.0.0.0/0 in
8304--A ufw-user-input -p udp -m multiport --dports 1,9 -m state --state NEW -m recent --set
8305--A ufw-user-input -p udp -m multiport --dports 1,9 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8306+-A ufw-user-input -p udp -m multiport --dports 1,9 -m conntrack --ctstate NEW -m recent --set
8307+-A ufw-user-input -p udp -m multiport --dports 1,9 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8308 -A ufw-user-input -p udp -m multiport --dports 1,9 -j ufw-user-limit-accept
8309
8310 ### END RULES ###
8311@@ -12229,7 +12229,7 @@ WARN: Checks disabled
8312 ### LOGGING ###
8313 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8314 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8315--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8316+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8317 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8318 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8319 ### END LOGGING ###
8320@@ -12273,7 +12273,7 @@ WARN: Checks disabled
8321 ### LOGGING ###
8322 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8323 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8324--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8325+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8326 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8327 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8328 ### END LOGGING ###
8329@@ -12317,7 +12317,7 @@ WARN: Checks disabled
8330 ### LOGGING ###
8331 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8332 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8333--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8334+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8335 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8336 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8337 ### END LOGGING ###
8338@@ -12357,7 +12357,7 @@ WARN: Checks disabled
8339 ### LOGGING ###
8340 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8341 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8342--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8343+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8344 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8345 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8346 ### END LOGGING ###
8347@@ -12400,7 +12400,7 @@ WARN: Checks disabled
8348 ### LOGGING ###
8349 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8350 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8351--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8352+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8353 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8354 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8355 ### END LOGGING ###
8356@@ -12440,7 +12440,7 @@ WARN: Checks disabled
8357 ### LOGGING ###
8358 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8359 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8360--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8361+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8362 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8363 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8364 ### END LOGGING ###
8365@@ -12484,7 +12484,7 @@ WARN: Checks disabled
8366 ### LOGGING ###
8367 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8368 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8369--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8370+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8371 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8372 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8373 ### END LOGGING ###
8374@@ -12527,7 +12527,7 @@ WARN: Checks disabled
8375 ### LOGGING ###
8376 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8377 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8378--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8379+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8380 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8381 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8382 ### END LOGGING ###
8383@@ -12570,7 +12570,7 @@ WARN: Checks disabled
8384 ### LOGGING ###
8385 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8386 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8387--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8388+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8389 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8390 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8391 ### END LOGGING ###
8392@@ -12613,7 +12613,7 @@ WARN: Checks disabled
8393 ### LOGGING ###
8394 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8395 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8396--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8397+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8398 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8399 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8400 ### END LOGGING ###
8401@@ -12656,7 +12656,7 @@ WARN: Checks disabled
8402 ### LOGGING ###
8403 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8404 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8405--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8406+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8407 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8408 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8409 ### END LOGGING ###
8410@@ -12706,11 +12706,11 @@ Insert
8411 ### RULES ###
8412
8413 ### tuple ### allow_log any 9998 0.0.0.0/0 any 0.0.0.0/0 in
8414--A ufw-user-logging-input -p tcp --dport 9998 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8415+-A ufw-user-logging-input -p tcp --dport 9998 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8416 -A ufw-user-logging-input -p tcp --dport 9998 -j RETURN
8417 -A ufw-user-input -p tcp --dport 9998 -j ufw-user-logging-input
8418 -A ufw-user-input -p tcp --dport 9998 -j ACCEPT
8419--A ufw-user-logging-input -p udp --dport 9998 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8420+-A ufw-user-logging-input -p udp --dport 9998 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8421 -A ufw-user-logging-input -p udp --dport 9998 -j RETURN
8422 -A ufw-user-input -p udp --dport 9998 -j ufw-user-logging-input
8423 -A ufw-user-input -p udp --dport 9998 -j ACCEPT
8424@@ -12735,7 +12735,7 @@ Insert
8425 ### LOGGING ###
8426 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8427 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8428--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8429+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8430 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8431 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8432 ### END LOGGING ###
8433@@ -12785,7 +12785,7 @@ COMMIT
8434 ### LOGGING ###
8435 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8436 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8437--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8438+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8439 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8440 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8441 ### END LOGGING ###
8442@@ -12908,7 +12908,7 @@ Interfaces
8443 ### LOGGING ###
8444 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8445 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8446--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8447+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8448 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8449 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8450 ### END LOGGING ###
8451@@ -12982,7 +12982,7 @@ COMMIT
8452 ### LOGGING ###
8453 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8454 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8455--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8456+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8457 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8458 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8459 ### END LOGGING ###
8460@@ -13100,7 +13100,7 @@ COMMIT
8461 ### LOGGING ###
8462 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8463 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8464--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8465+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8466 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8467 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8468 ### END LOGGING ###
8469@@ -13174,7 +13174,7 @@ COMMIT
8470 ### LOGGING ###
8471 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8472 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8473--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8474+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8475 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8476 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8477 ### END LOGGING ###
8478@@ -13244,83 +13244,83 @@ COMMIT
8479 ### RULES ###
8480
8481 ### tuple ### limit any any 0.0.0.0/0 any 0.0.0.0/0 in_eth0
8482--A ufw-user-input -i eth0 -m state --state NEW -m recent --set
8483--A ufw-user-input -i eth0 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8484+-A ufw-user-input -i eth0 -m conntrack --ctstate NEW -m recent --set
8485+-A ufw-user-input -i eth0 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8486 -A ufw-user-input -i eth0 -j ufw-user-limit-accept
8487
8488 ### tuple ### limit any 22 192.168.0.1 any 0.0.0.0/0 in_eth0
8489--A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -m state --state NEW -m recent --set
8490--A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8491+-A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -m conntrack --ctstate NEW -m recent --set
8492+-A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8493 -A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -j ufw-user-limit-accept
8494--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -m state --state NEW -m recent --set
8495--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8496+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -m conntrack --ctstate NEW -m recent --set
8497+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8498 -A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -j ufw-user-limit-accept
8499
8500 ### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 in_eth0
8501--A ufw-user-input -i eth0 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8502--A ufw-user-input -i eth0 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8503+-A ufw-user-input -i eth0 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8504+-A ufw-user-input -i eth0 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8505 -A ufw-user-input -i eth0 -p tcp -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8506--A ufw-user-input -i eth0 -p udp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8507--A ufw-user-input -i eth0 -p udp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8508+-A ufw-user-input -i eth0 -p udp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8509+-A ufw-user-input -i eth0 -p udp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8510 -A ufw-user-input -i eth0 -p udp -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8511
8512 ### tuple ### limit any any 192.168.0.1 any 10.0.0.1 in_eth0
8513--A ufw-user-input -i eth0 -d 192.168.0.1 -s 10.0.0.1 -m state --state NEW -m recent --set
8514--A ufw-user-input -i eth0 -d 192.168.0.1 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8515+-A ufw-user-input -i eth0 -d 192.168.0.1 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set
8516+-A ufw-user-input -i eth0 -d 192.168.0.1 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8517 -A ufw-user-input -i eth0 -d 192.168.0.1 -s 10.0.0.1 -j ufw-user-limit-accept
8518
8519 ### tuple ### limit any 22 192.168.0.1 any 10.0.0.1 in_eth0
8520--A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m state --state NEW -m recent --set
8521--A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8522+-A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set
8523+-A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8524 -A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j ufw-user-limit-accept
8525--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m state --state NEW -m recent --set
8526--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8527+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set
8528+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8529 -A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j ufw-user-limit-accept
8530
8531 ### tuple ### limit any any 192.168.0.1 80 10.0.0.1 in_eth0
8532--A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8533--A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8534+-A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8535+-A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8536 -A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8537--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8538--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8539+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8540+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8541 -A ufw-user-input -i eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8542
8543 ### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 in_eth0
8544--A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8545--A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8546+-A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8547+-A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8548 -A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8549--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8550--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8551+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8552+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8553 -A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8554
8555 ### tuple ### limit tcp 22 192.168.0.1 any 0.0.0.0/0 in_eth0
8556--A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -m state --state NEW -m recent --set
8557--A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8558+-A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -m conntrack --ctstate NEW -m recent --set
8559+-A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8560 -A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 --dport 22 -j ufw-user-limit-accept
8561
8562 ### tuple ### limit tcp any 0.0.0.0/0 80 10.0.0.1 in_eth0
8563--A ufw-user-input -i eth0 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8564--A ufw-user-input -i eth0 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8565+-A ufw-user-input -i eth0 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8566+-A ufw-user-input -i eth0 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8567 -A ufw-user-input -i eth0 -p tcp -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8568
8569 ### tuple ### limit tcp any 192.168.0.1 any 10.0.0.1 in_eth0
8570--A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 -m state --state NEW -m recent --set
8571--A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8572+-A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set
8573+-A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8574 -A ufw-user-input -i eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 -j ufw-user-limit-accept
8575
8576 ### tuple ### limit udp 22 192.168.0.1 any 10.0.0.1 in_eth0
8577--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m state --state NEW -m recent --set
8578--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8579+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set
8580+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8581 -A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j ufw-user-limit-accept
8582
8583 ### tuple ### limit udp any 192.168.0.1 80 10.0.0.1 in_eth0
8584--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8585--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8586+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8587+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8588 -A ufw-user-input -i eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8589
8590 ### tuple ### limit udp 22 192.168.0.1 80 10.0.0.1 in_eth0
8591--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8592--A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8593+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8594+-A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8595 -A ufw-user-input -i eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8596
8597 ### END RULES ###
8598@@ -13328,7 +13328,7 @@ COMMIT
8599 ### LOGGING ###
8600 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8601 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8602--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8603+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8604 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8605 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8606 ### END LOGGING ###
8607@@ -13402,7 +13402,7 @@ COMMIT
8608 ### LOGGING ###
8609 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8610 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8611--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8612+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8613 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8614 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8615 ### END LOGGING ###
8616@@ -13520,7 +13520,7 @@ COMMIT
8617 ### LOGGING ###
8618 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8619 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8620--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8621+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8622 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8623 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8624 ### END LOGGING ###
8625@@ -13594,7 +13594,7 @@ COMMIT
8626 ### LOGGING ###
8627 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8628 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8629--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8630+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8631 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8632 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8633 ### END LOGGING ###
8634@@ -13638,7 +13638,7 @@ COMMIT
8635 ### LOGGING ###
8636 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8637 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8638--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8639+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8640 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8641 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8642 ### END LOGGING ###
8643@@ -13676,7 +13676,7 @@ COMMIT
8644 ### LOGGING ###
8645 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8646 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8647--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8648+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8649 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8650 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8651 ### END LOGGING ###
8652@@ -13794,7 +13794,7 @@ COMMIT
8653 ### LOGGING ###
8654 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8655 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8656--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8657+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8658 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8659 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8660 ### END LOGGING ###
8661@@ -13868,7 +13868,7 @@ COMMIT
8662 ### LOGGING ###
8663 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8664 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8665--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8666+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8667 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8668 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8669 ### END LOGGING ###
8670@@ -13986,7 +13986,7 @@ COMMIT
8671 ### LOGGING ###
8672 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8673 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8674--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8675+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8676 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8677 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8678 ### END LOGGING ###
8679@@ -14060,7 +14060,7 @@ COMMIT
8680 ### LOGGING ###
8681 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8682 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8683--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8684+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8685 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8686 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8687 ### END LOGGING ###
8688@@ -14130,83 +14130,83 @@ COMMIT
8689 ### RULES ###
8690
8691 ### tuple ### limit any any 0.0.0.0/0 any 0.0.0.0/0 out_eth0
8692--A ufw-user-output -o eth0 -m state --state NEW -m recent --set
8693--A ufw-user-output -o eth0 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8694+-A ufw-user-output -o eth0 -m conntrack --ctstate NEW -m recent --set
8695+-A ufw-user-output -o eth0 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8696 -A ufw-user-output -o eth0 -j ufw-user-limit-accept
8697
8698 ### tuple ### limit any 22 192.168.0.1 any 0.0.0.0/0 out_eth0
8699--A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -m state --state NEW -m recent --set
8700--A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8701+-A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -m conntrack --ctstate NEW -m recent --set
8702+-A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8703 -A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -j ufw-user-limit-accept
8704--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -m state --state NEW -m recent --set
8705--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8706+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -m conntrack --ctstate NEW -m recent --set
8707+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8708 -A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -j ufw-user-limit-accept
8709
8710 ### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 out_eth0
8711--A ufw-user-output -o eth0 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8712--A ufw-user-output -o eth0 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8713+-A ufw-user-output -o eth0 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8714+-A ufw-user-output -o eth0 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8715 -A ufw-user-output -o eth0 -p tcp -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8716--A ufw-user-output -o eth0 -p udp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8717--A ufw-user-output -o eth0 -p udp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8718+-A ufw-user-output -o eth0 -p udp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8719+-A ufw-user-output -o eth0 -p udp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8720 -A ufw-user-output -o eth0 -p udp -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8721
8722 ### tuple ### limit any any 192.168.0.1 any 10.0.0.1 out_eth0
8723--A ufw-user-output -o eth0 -d 192.168.0.1 -s 10.0.0.1 -m state --state NEW -m recent --set
8724--A ufw-user-output -o eth0 -d 192.168.0.1 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8725+-A ufw-user-output -o eth0 -d 192.168.0.1 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set
8726+-A ufw-user-output -o eth0 -d 192.168.0.1 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8727 -A ufw-user-output -o eth0 -d 192.168.0.1 -s 10.0.0.1 -j ufw-user-limit-accept
8728
8729 ### tuple ### limit any 22 192.168.0.1 any 10.0.0.1 out_eth0
8730--A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m state --state NEW -m recent --set
8731--A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8732+-A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set
8733+-A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8734 -A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j ufw-user-limit-accept
8735--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m state --state NEW -m recent --set
8736--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8737+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set
8738+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8739 -A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j ufw-user-limit-accept
8740
8741 ### tuple ### limit any any 192.168.0.1 80 10.0.0.1 out_eth0
8742--A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8743--A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8744+-A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8745+-A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8746 -A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8747--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8748--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8749+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8750+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8751 -A ufw-user-output -o eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8752
8753 ### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 out_eth0
8754--A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8755--A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8756+-A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8757+-A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8758 -A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8759--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8760--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8761+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8762+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8763 -A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8764
8765 ### tuple ### limit tcp 22 192.168.0.1 any 0.0.0.0/0 out_eth0
8766--A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -m state --state NEW -m recent --set
8767--A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8768+-A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -m conntrack --ctstate NEW -m recent --set
8769+-A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8770 -A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 --dport 22 -j ufw-user-limit-accept
8771
8772 ### tuple ### limit tcp any 0.0.0.0/0 80 10.0.0.1 out_eth0
8773--A ufw-user-output -o eth0 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8774--A ufw-user-output -o eth0 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8775+-A ufw-user-output -o eth0 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8776+-A ufw-user-output -o eth0 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8777 -A ufw-user-output -o eth0 -p tcp -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8778
8779 ### tuple ### limit tcp any 192.168.0.1 any 10.0.0.1 out_eth0
8780--A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 -m state --state NEW -m recent --set
8781--A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8782+-A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set
8783+-A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8784 -A ufw-user-output -o eth0 -p tcp -d 192.168.0.1 -s 10.0.0.1 -j ufw-user-limit-accept
8785
8786 ### tuple ### limit udp 22 192.168.0.1 any 10.0.0.1 out_eth0
8787--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m state --state NEW -m recent --set
8788--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8789+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set
8790+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8791 -A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j ufw-user-limit-accept
8792
8793 ### tuple ### limit udp any 192.168.0.1 80 10.0.0.1 out_eth0
8794--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8795--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8796+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8797+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8798 -A ufw-user-output -o eth0 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8799
8800 ### tuple ### limit udp 22 192.168.0.1 80 10.0.0.1 out_eth0
8801--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
8802--A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8803+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
8804+-A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
8805 -A ufw-user-output -o eth0 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -j ufw-user-limit-accept
8806
8807 ### END RULES ###
8808@@ -14214,7 +14214,7 @@ COMMIT
8809 ### LOGGING ###
8810 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8811 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8812--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8813+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8814 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8815 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8816 ### END LOGGING ###
8817@@ -14288,7 +14288,7 @@ COMMIT
8818 ### LOGGING ###
8819 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8820 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8821--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8822+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8823 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8824 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8825 ### END LOGGING ###
8826@@ -14406,7 +14406,7 @@ COMMIT
8827 ### LOGGING ###
8828 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8829 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8830--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8831+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8832 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8833 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8834 ### END LOGGING ###
8835@@ -14480,7 +14480,7 @@ COMMIT
8836 ### LOGGING ###
8837 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8838 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8839--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8840+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8841 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8842 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8843 ### END LOGGING ###
8844@@ -14524,7 +14524,7 @@ COMMIT
8845 ### LOGGING ###
8846 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8847 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8848--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8849+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8850 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8851 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8852 ### END LOGGING ###
8853@@ -14562,7 +14562,7 @@ COMMIT
8854 ### LOGGING ###
8855 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8856 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8857--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8858+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8859 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8860 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8861 ### END LOGGING ###
8862@@ -14603,7 +14603,7 @@ WARN: Checks disabled
8863 ### LOGGING ###
8864 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8865 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8866--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8867+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8868 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8869 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8870 ### END LOGGING ###
8871@@ -14646,7 +14646,7 @@ WARN: Checks disabled
8872 ### LOGGING ###
8873 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8874 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8875--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8876+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8877 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8878 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8879 ### END LOGGING ###
8880@@ -14690,7 +14690,7 @@ WARN: Checks disabled
8881 ### LOGGING ###
8882 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8883 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8884--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8885+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8886 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8887 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8888 ### END LOGGING ###
8889@@ -14733,7 +14733,7 @@ WARN: Checks disabled
8890 ### LOGGING ###
8891 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8892 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8893--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8894+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8895 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8896 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8897 ### END LOGGING ###
8898@@ -14776,7 +14776,7 @@ WARN: Checks disabled
8899 ### LOGGING ###
8900 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8901 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8902--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8903+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8904 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8905 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8906 ### END LOGGING ###
8907@@ -14819,7 +14819,7 @@ WARN: Checks disabled
8908 ### LOGGING ###
8909 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8910 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8911--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8912+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8913 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8914 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8915 ### END LOGGING ###
8916diff --git a/tests/ipv6/logging/result b/tests/ipv6/logging/result
8917index dd9c077..afd72dd 100644
8918--- a/tests/ipv6/logging/result
8919+++ b/tests/ipv6/logging/result
8920@@ -26,23 +26,23 @@ contents of user*.rules:
8921 ### RULES ###
8922
8923 ### tuple ### allow_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
8924--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8925+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8926 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
8927 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
8928 -A ufw-user-input -p tcp --dport 23 -j ACCEPT
8929--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8930+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8931 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
8932 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
8933 -A ufw-user-input -p udp --dport 23 -j ACCEPT
8934
8935 ### tuple ### allow_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
8936--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8937+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8938 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
8939 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
8940 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
8941
8942 ### tuple ### allow_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
8943--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8944+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8945 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
8946 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
8947 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
8948@@ -52,7 +52,7 @@ contents of user*.rules:
8949 ### LOGGING ###
8950 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8951 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8952--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8953+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8954 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8955 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8956 ### END LOGGING ###
8957@@ -81,23 +81,23 @@ COMMIT
8958 ### RULES ###
8959
8960 ### tuple ### allow_log any 23 ::/0 any ::/0 in
8961--A ufw6-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8962+-A ufw6-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8963 -A ufw6-user-logging-input -p tcp --dport 23 -j RETURN
8964 -A ufw6-user-input -p tcp --dport 23 -j ufw6-user-logging-input
8965 -A ufw6-user-input -p tcp --dport 23 -j ACCEPT
8966--A ufw6-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8967+-A ufw6-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8968 -A ufw6-user-logging-input -p udp --dport 23 -j RETURN
8969 -A ufw6-user-input -p udp --dport 23 -j ufw6-user-logging-input
8970 -A ufw6-user-input -p udp --dport 23 -j ACCEPT
8971
8972 ### tuple ### allow_log udp 137,138 ::/0 any ::/0 Samba - in
8973--A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8974+-A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8975 -A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
8976 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j ufw6-user-logging-input
8977 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
8978
8979 ### tuple ### allow_log tcp 139,445 ::/0 any ::/0 Samba - in
8980--A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8981+-A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
8982 -A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
8983 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ufw6-user-logging-input
8984 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
8985@@ -107,7 +107,7 @@ COMMIT
8986 ### LOGGING ###
8987 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8988 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8989--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8990+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8991 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8992 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
8993 ### END LOGGING ###
8994@@ -143,7 +143,7 @@ contents of user*.rules:
8995 ### LOGGING ###
8996 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8997 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
8998--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
8999+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9000 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9001 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9002 ### END LOGGING ###
9003@@ -176,7 +176,7 @@ COMMIT
9004 ### LOGGING ###
9005 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9006 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9007--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9008+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9009 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9010 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9011 ### END LOGGING ###
9012@@ -209,7 +209,7 @@ contents of user*.rules:
9013 ### LOGGING ###
9014 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9015 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9016--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9017+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9018 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9019 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9020 ### END LOGGING ###
9021@@ -238,7 +238,7 @@ COMMIT
9022 ### RULES ###
9023
9024 ### tuple ### allow_log tcp 25 2001:db8:3:4:5:6:7:8 any 2001:db8::/32 in
9025--A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9026+-A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9027 -A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j RETURN
9028 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j ufw6-user-logging-input
9029 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j ACCEPT
9030@@ -248,7 +248,7 @@ COMMIT
9031 ### LOGGING ###
9032 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9033 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9034--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9035+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9036 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9037 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9038 ### END LOGGING ###
9039@@ -281,7 +281,7 @@ contents of user*.rules:
9040 ### LOGGING ###
9041 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9042 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9043--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9044+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9045 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9046 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9047 ### END LOGGING ###
9048@@ -314,7 +314,7 @@ COMMIT
9049 ### LOGGING ###
9050 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9051 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9052--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9053+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9054 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9055 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9056 ### END LOGGING ###
9057@@ -372,7 +372,7 @@ contents of user*.rules:
9058 ### LOGGING ###
9059 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9060 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9061--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9062+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9063 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9064 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9065 ### END LOGGING ###
9066@@ -427,7 +427,7 @@ COMMIT
9067 ### LOGGING ###
9068 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9069 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9070--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9071+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9072 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9073 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9074 ### END LOGGING ###
9075@@ -463,7 +463,7 @@ contents of user*.rules:
9076 ### LOGGING ###
9077 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9078 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9079--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9080+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9081 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9082 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9083 ### END LOGGING ###
9084@@ -496,7 +496,7 @@ COMMIT
9085 ### LOGGING ###
9086 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9087 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9088--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9089+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9090 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9091 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9092 ### END LOGGING ###
9093@@ -529,7 +529,7 @@ contents of user*.rules:
9094 ### LOGGING ###
9095 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9096 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9097--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9098+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9099 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9100 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9101 ### END LOGGING ###
9102@@ -568,7 +568,7 @@ COMMIT
9103 ### LOGGING ###
9104 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9105 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9106--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9107+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9108 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9109 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9110 ### END LOGGING ###
9111@@ -601,7 +601,7 @@ contents of user*.rules:
9112 ### LOGGING ###
9113 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9114 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9115--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9116+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9117 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9118 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9119 ### END LOGGING ###
9120@@ -634,7 +634,7 @@ COMMIT
9121 ### LOGGING ###
9122 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9123 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9124--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9125+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9126 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9127 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9128 ### END LOGGING ###
9129@@ -666,23 +666,23 @@ contents of user*.rules:
9130 ### RULES ###
9131
9132 ### tuple ### deny_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
9133--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9134+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9135 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
9136 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
9137 -A ufw-user-input -p tcp --dport 23 -j DROP
9138--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9139+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9140 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
9141 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
9142 -A ufw-user-input -p udp --dport 23 -j DROP
9143
9144 ### tuple ### deny_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9145--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9146+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9147 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
9148 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
9149 -A ufw-user-input -p udp -m multiport --dports 137,138 -j DROP -m comment --comment 'dapp_Samba'
9150
9151 ### tuple ### deny_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9152--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9153+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9154 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
9155 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
9156 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j DROP -m comment --comment 'dapp_Samba'
9157@@ -692,7 +692,7 @@ contents of user*.rules:
9158 ### LOGGING ###
9159 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9160 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9161--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9162+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9163 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9164 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9165 ### END LOGGING ###
9166@@ -721,23 +721,23 @@ COMMIT
9167 ### RULES ###
9168
9169 ### tuple ### deny_log any 23 ::/0 any ::/0 in
9170--A ufw6-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9171+-A ufw6-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9172 -A ufw6-user-logging-input -p tcp --dport 23 -j RETURN
9173 -A ufw6-user-input -p tcp --dport 23 -j ufw6-user-logging-input
9174 -A ufw6-user-input -p tcp --dport 23 -j DROP
9175--A ufw6-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9176+-A ufw6-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9177 -A ufw6-user-logging-input -p udp --dport 23 -j RETURN
9178 -A ufw6-user-input -p udp --dport 23 -j ufw6-user-logging-input
9179 -A ufw6-user-input -p udp --dport 23 -j DROP
9180
9181 ### tuple ### deny_log udp 137,138 ::/0 any ::/0 Samba - in
9182--A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9183+-A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9184 -A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
9185 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j ufw6-user-logging-input
9186 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j DROP -m comment --comment 'dapp_Samba'
9187
9188 ### tuple ### deny_log tcp 139,445 ::/0 any ::/0 Samba - in
9189--A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9190+-A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9191 -A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
9192 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ufw6-user-logging-input
9193 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j DROP -m comment --comment 'dapp_Samba'
9194@@ -747,7 +747,7 @@ COMMIT
9195 ### LOGGING ###
9196 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9197 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9198--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9199+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9200 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9201 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9202 ### END LOGGING ###
9203@@ -783,7 +783,7 @@ contents of user*.rules:
9204 ### LOGGING ###
9205 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9206 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9207--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9208+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9209 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9210 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9211 ### END LOGGING ###
9212@@ -816,7 +816,7 @@ COMMIT
9213 ### LOGGING ###
9214 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9215 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9216--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9217+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9218 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9219 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9220 ### END LOGGING ###
9221@@ -849,7 +849,7 @@ contents of user*.rules:
9222 ### LOGGING ###
9223 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9224 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9225--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9226+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9227 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9228 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9229 ### END LOGGING ###
9230@@ -878,7 +878,7 @@ COMMIT
9231 ### RULES ###
9232
9233 ### tuple ### deny_log tcp 25 2001:db8:3:4:5:6:7:8 any 2001:db8::/32 in
9234--A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9235+-A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9236 -A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j RETURN
9237 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j ufw6-user-logging-input
9238 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j DROP
9239@@ -888,7 +888,7 @@ COMMIT
9240 ### LOGGING ###
9241 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9242 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9243--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9244+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9245 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9246 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9247 ### END LOGGING ###
9248@@ -921,7 +921,7 @@ contents of user*.rules:
9249 ### LOGGING ###
9250 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9251 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9252--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9253+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9254 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9255 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9256 ### END LOGGING ###
9257@@ -954,7 +954,7 @@ COMMIT
9258 ### LOGGING ###
9259 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9260 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9261--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9262+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9263 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9264 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9265 ### END LOGGING ###
9266@@ -1012,7 +1012,7 @@ contents of user*.rules:
9267 ### LOGGING ###
9268 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9269 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9270--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9271+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9272 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9273 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9274 ### END LOGGING ###
9275@@ -1067,7 +1067,7 @@ COMMIT
9276 ### LOGGING ###
9277 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9278 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9279--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9280+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9281 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9282 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9283 ### END LOGGING ###
9284@@ -1103,7 +1103,7 @@ contents of user*.rules:
9285 ### LOGGING ###
9286 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9287 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9288--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9289+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9290 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9291 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9292 ### END LOGGING ###
9293@@ -1136,7 +1136,7 @@ COMMIT
9294 ### LOGGING ###
9295 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9296 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9297--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9298+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9299 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9300 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9301 ### END LOGGING ###
9302@@ -1169,7 +1169,7 @@ contents of user*.rules:
9303 ### LOGGING ###
9304 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9305 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9306--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9307+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9308 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9309 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9310 ### END LOGGING ###
9311@@ -1208,7 +1208,7 @@ COMMIT
9312 ### LOGGING ###
9313 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9314 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9315--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9316+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9317 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9318 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9319 ### END LOGGING ###
9320@@ -1241,7 +1241,7 @@ contents of user*.rules:
9321 ### LOGGING ###
9322 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9323 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9324--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9325+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9326 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9327 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9328 ### END LOGGING ###
9329@@ -1274,7 +1274,7 @@ COMMIT
9330 ### LOGGING ###
9331 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9332 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9333--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9334+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9335 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9336 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9337 ### END LOGGING ###
9338@@ -1306,33 +1306,33 @@ contents of user*.rules:
9339 ### RULES ###
9340
9341 ### tuple ### limit_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
9342--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
9343+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
9344 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
9345 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
9346--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --set
9347--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
9348+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --set
9349+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
9350 -A ufw-user-input -p tcp --dport 23 -j ufw-user-limit-accept
9351--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
9352+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
9353 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
9354 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
9355--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --set
9356--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
9357+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --set
9358+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
9359 -A ufw-user-input -p udp --dport 23 -j ufw-user-limit-accept
9360
9361 ### tuple ### limit_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9362--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
9363+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
9364 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
9365 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
9366--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
9367--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
9368+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
9369+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
9370 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
9371
9372 ### tuple ### limit_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9373--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
9374+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
9375 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
9376 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
9377--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
9378--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
9379+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
9380+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
9381 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
9382
9383 ### END RULES ###
9384@@ -1340,7 +1340,7 @@ contents of user*.rules:
9385 ### LOGGING ###
9386 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9387 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9388--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9389+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9390 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9391 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9392 ### END LOGGING ###
9393@@ -1373,7 +1373,7 @@ COMMIT
9394 ### LOGGING ###
9395 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9396 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9397--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9398+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9399 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9400 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9401 ### END LOGGING ###
9402@@ -1409,7 +1409,7 @@ contents of user*.rules:
9403 ### LOGGING ###
9404 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9405 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9406--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9407+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9408 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9409 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9410 ### END LOGGING ###
9411@@ -1442,7 +1442,7 @@ COMMIT
9412 ### LOGGING ###
9413 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9414 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9415--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9416+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9417 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9418 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9419 ### END LOGGING ###
9420@@ -1475,7 +1475,7 @@ contents of user*.rules:
9421 ### LOGGING ###
9422 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9423 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9424--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9425+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9426 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9427 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9428 ### END LOGGING ###
9429@@ -1508,7 +1508,7 @@ COMMIT
9430 ### LOGGING ###
9431 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9432 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9433--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9434+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9435 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9436 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9437 ### END LOGGING ###
9438@@ -1541,7 +1541,7 @@ contents of user*.rules:
9439 ### LOGGING ###
9440 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9441 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9442--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9443+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9444 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9445 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9446 ### END LOGGING ###
9447@@ -1574,7 +1574,7 @@ COMMIT
9448 ### LOGGING ###
9449 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9450 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9451--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9452+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9453 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9454 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9455 ### END LOGGING ###
9456@@ -1609,30 +1609,30 @@ contents of user*.rules:
9457 -A ufw-user-logging-input -p tcp --dport 23 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
9458 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
9459 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
9460--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --set
9461--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
9462+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --set
9463+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
9464 -A ufw-user-input -p tcp --dport 23 -j ufw-user-limit-accept
9465 -A ufw-user-logging-input -p udp --dport 23 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
9466 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
9467 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
9468--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --set
9469--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
9470+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --set
9471+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
9472 -A ufw-user-input -p udp --dport 23 -j ufw-user-limit-accept
9473
9474 ### tuple ### limit_log-all udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9475 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
9476 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
9477 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
9478--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
9479--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
9480+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
9481+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
9482 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
9483
9484 ### tuple ### limit_log-all tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9485 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
9486 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
9487 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
9488--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
9489--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
9490+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
9491+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
9492 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
9493
9494 ### END RULES ###
9495@@ -1640,7 +1640,7 @@ contents of user*.rules:
9496 ### LOGGING ###
9497 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9498 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9499--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9500+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9501 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9502 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9503 ### END LOGGING ###
9504@@ -1673,7 +1673,7 @@ COMMIT
9505 ### LOGGING ###
9506 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9507 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9508--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9509+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9510 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9511 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9512 ### END LOGGING ###
9513@@ -1709,7 +1709,7 @@ contents of user*.rules:
9514 ### LOGGING ###
9515 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9516 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9517--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9518+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9519 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9520 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9521 ### END LOGGING ###
9522@@ -1742,7 +1742,7 @@ COMMIT
9523 ### LOGGING ###
9524 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9525 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9526--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9527+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9528 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9529 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9530 ### END LOGGING ###
9531@@ -1775,7 +1775,7 @@ contents of user*.rules:
9532 ### LOGGING ###
9533 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9534 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9535--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9536+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9537 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9538 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9539 ### END LOGGING ###
9540@@ -1808,7 +1808,7 @@ COMMIT
9541 ### LOGGING ###
9542 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9543 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9544--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9545+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9546 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9547 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9548 ### END LOGGING ###
9549@@ -1841,7 +1841,7 @@ contents of user*.rules:
9550 ### LOGGING ###
9551 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9552 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9553--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9554+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9555 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9556 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9557 ### END LOGGING ###
9558@@ -1874,7 +1874,7 @@ COMMIT
9559 ### LOGGING ###
9560 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9561 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9562--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9563+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9564 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9565 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9566 ### END LOGGING ###
9567@@ -1906,23 +1906,23 @@ contents of user*.rules:
9568 ### RULES ###
9569
9570 ### tuple ### reject_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
9571--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9572+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9573 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
9574 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
9575 -A ufw-user-input -p tcp --dport 23 -j REJECT --reject-with tcp-reset
9576--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9577+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9578 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
9579 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
9580 -A ufw-user-input -p udp --dport 23 -j REJECT
9581
9582 ### tuple ### reject_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9583--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9584+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9585 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
9586 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
9587 -A ufw-user-input -p udp -m multiport --dports 137,138 -j REJECT -m comment --comment 'dapp_Samba'
9588
9589 ### tuple ### reject_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9590--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9591+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9592 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
9593 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
9594 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j REJECT --reject-with tcp-reset -m comment --comment 'dapp_Samba'
9595@@ -1932,7 +1932,7 @@ contents of user*.rules:
9596 ### LOGGING ###
9597 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9598 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9599--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9600+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9601 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9602 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9603 ### END LOGGING ###
9604@@ -1961,23 +1961,23 @@ COMMIT
9605 ### RULES ###
9606
9607 ### tuple ### reject_log any 23 ::/0 any ::/0 in
9608--A ufw6-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9609+-A ufw6-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9610 -A ufw6-user-logging-input -p tcp --dport 23 -j RETURN
9611 -A ufw6-user-input -p tcp --dport 23 -j ufw6-user-logging-input
9612 -A ufw6-user-input -p tcp --dport 23 -j REJECT --reject-with tcp-reset
9613--A ufw6-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9614+-A ufw6-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9615 -A ufw6-user-logging-input -p udp --dport 23 -j RETURN
9616 -A ufw6-user-input -p udp --dport 23 -j ufw6-user-logging-input
9617 -A ufw6-user-input -p udp --dport 23 -j REJECT
9618
9619 ### tuple ### reject_log udp 137,138 ::/0 any ::/0 Samba - in
9620--A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9621+-A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9622 -A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
9623 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j ufw6-user-logging-input
9624 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j REJECT -m comment --comment 'dapp_Samba'
9625
9626 ### tuple ### reject_log tcp 139,445 ::/0 any ::/0 Samba - in
9627--A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9628+-A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9629 -A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
9630 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ufw6-user-logging-input
9631 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j REJECT --reject-with tcp-reset -m comment --comment 'dapp_Samba'
9632@@ -1987,7 +1987,7 @@ COMMIT
9633 ### LOGGING ###
9634 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9635 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9636--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9637+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9638 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9639 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9640 ### END LOGGING ###
9641@@ -2023,7 +2023,7 @@ contents of user*.rules:
9642 ### LOGGING ###
9643 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9644 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9645--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9646+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9647 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9648 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9649 ### END LOGGING ###
9650@@ -2056,7 +2056,7 @@ COMMIT
9651 ### LOGGING ###
9652 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9653 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9654--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9655+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9656 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9657 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9658 ### END LOGGING ###
9659@@ -2089,7 +2089,7 @@ contents of user*.rules:
9660 ### LOGGING ###
9661 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9662 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9663--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9664+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9665 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9666 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9667 ### END LOGGING ###
9668@@ -2118,7 +2118,7 @@ COMMIT
9669 ### RULES ###
9670
9671 ### tuple ### reject_log tcp 25 2001:db8:3:4:5:6:7:8 any 2001:db8::/32 in
9672--A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9673+-A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9674 -A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j RETURN
9675 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j ufw6-user-logging-input
9676 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j REJECT --reject-with tcp-reset
9677@@ -2128,7 +2128,7 @@ COMMIT
9678 ### LOGGING ###
9679 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9680 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9681--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9682+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9683 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9684 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9685 ### END LOGGING ###
9686@@ -2161,7 +2161,7 @@ contents of user*.rules:
9687 ### LOGGING ###
9688 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9689 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9690--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9691+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9692 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9693 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9694 ### END LOGGING ###
9695@@ -2194,7 +2194,7 @@ COMMIT
9696 ### LOGGING ###
9697 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9698 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9699--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9700+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9701 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9702 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9703 ### END LOGGING ###
9704@@ -2252,7 +2252,7 @@ contents of user*.rules:
9705 ### LOGGING ###
9706 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9707 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9708--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9709+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9710 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9711 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9712 ### END LOGGING ###
9713@@ -2307,7 +2307,7 @@ COMMIT
9714 ### LOGGING ###
9715 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9716 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9717--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9718+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9719 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9720 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9721 ### END LOGGING ###
9722@@ -2343,7 +2343,7 @@ contents of user*.rules:
9723 ### LOGGING ###
9724 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9725 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9726--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9727+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9728 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9729 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9730 ### END LOGGING ###
9731@@ -2376,7 +2376,7 @@ COMMIT
9732 ### LOGGING ###
9733 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9734 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9735--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9736+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9737 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9738 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9739 ### END LOGGING ###
9740@@ -2409,7 +2409,7 @@ contents of user*.rules:
9741 ### LOGGING ###
9742 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9743 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9744--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9745+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9746 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9747 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9748 ### END LOGGING ###
9749@@ -2448,7 +2448,7 @@ COMMIT
9750 ### LOGGING ###
9751 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9752 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9753--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9754+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9755 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9756 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9757 ### END LOGGING ###
9758@@ -2481,7 +2481,7 @@ contents of user*.rules:
9759 ### LOGGING ###
9760 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9761 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9762--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9763+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9764 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9765 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9766 ### END LOGGING ###
9767@@ -2514,7 +2514,7 @@ COMMIT
9768 ### LOGGING ###
9769 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9770 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9771--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9772+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9773 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9774 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9775 ### END LOGGING ###
9776@@ -2547,13 +2547,13 @@ contents of user*.rules:
9777 ### RULES ###
9778
9779 ### tuple ### allow_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9780--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9781+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9782 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
9783 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
9784 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
9785
9786 ### tuple ### allow_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9787--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9788+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9789 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
9790 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
9791 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
9792@@ -2563,7 +2563,7 @@ contents of user*.rules:
9793 ### LOGGING ###
9794 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9795 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9796--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9797+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9798 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9799 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9800 ### END LOGGING ###
9801@@ -2592,13 +2592,13 @@ COMMIT
9802 ### RULES ###
9803
9804 ### tuple ### allow_log udp 137,138 ::/0 any ::/0 Samba - in
9805--A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9806+-A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9807 -A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
9808 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j ufw6-user-logging-input
9809 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
9810
9811 ### tuple ### allow_log tcp 139,445 ::/0 any ::/0 Samba - in
9812--A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9813+-A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9814 -A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
9815 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ufw6-user-logging-input
9816 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
9817@@ -2614,7 +2614,7 @@ COMMIT
9818 ### LOGGING ###
9819 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9820 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9821--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9822+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9823 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9824 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9825 ### END LOGGING ###
9826@@ -2646,13 +2646,13 @@ contents of user*.rules:
9827 ### RULES ###
9828
9829 ### tuple ### deny_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9830--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9831+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9832 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
9833 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
9834 -A ufw-user-input -p udp -m multiport --dports 137,138 -j DROP -m comment --comment 'dapp_Samba'
9835
9836 ### tuple ### deny_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9837--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9838+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9839 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
9840 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
9841 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j DROP -m comment --comment 'dapp_Samba'
9842@@ -2662,7 +2662,7 @@ contents of user*.rules:
9843 ### LOGGING ###
9844 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9845 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9846--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9847+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9848 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9849 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9850 ### END LOGGING ###
9851@@ -2691,13 +2691,13 @@ COMMIT
9852 ### RULES ###
9853
9854 ### tuple ### deny_log udp 137,138 ::/0 any ::/0 Samba - in
9855--A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9856+-A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9857 -A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
9858 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j ufw6-user-logging-input
9859 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j DROP -m comment --comment 'dapp_Samba'
9860
9861 ### tuple ### deny_log tcp 139,445 ::/0 any ::/0 Samba - in
9862--A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9863+-A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
9864 -A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
9865 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ufw6-user-logging-input
9866 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j DROP -m comment --comment 'dapp_Samba'
9867@@ -2713,7 +2713,7 @@ COMMIT
9868 ### LOGGING ###
9869 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9870 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9871--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9872+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9873 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9874 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9875 ### END LOGGING ###
9876@@ -2749,7 +2749,7 @@ contents of user*.rules:
9877 ### LOGGING ###
9878 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9879 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9880--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9881+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9882 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9883 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9884 ### END LOGGING ###
9885@@ -2782,7 +2782,7 @@ COMMIT
9886 ### LOGGING ###
9887 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9888 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9889--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9890+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9891 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9892 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9893 ### END LOGGING ###
9894@@ -2827,13 +2827,13 @@ contents of user*.rules:
9895 ### RULES ###
9896
9897 ### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 in_eth0
9898--A ufw-user-logging-input -i eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9899+-A ufw-user-logging-input -i eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9900 -A ufw-user-logging-input -i eth0 -j RETURN
9901 -A ufw-user-input -i eth0 -j ufw-user-logging-input
9902 -A ufw-user-input -i eth0 -j ACCEPT
9903
9904 ### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 out_eth0
9905--A ufw-user-logging-output -o eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9906+-A ufw-user-logging-output -o eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9907 -A ufw-user-logging-output -o eth0 -j RETURN
9908 -A ufw-user-output -o eth0 -j ufw-user-logging-output
9909 -A ufw-user-output -o eth0 -j ACCEPT
9910@@ -2843,7 +2843,7 @@ contents of user*.rules:
9911 ### LOGGING ###
9912 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9913 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9914--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9915+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9916 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9917 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9918 ### END LOGGING ###
9919@@ -2872,13 +2872,13 @@ COMMIT
9920 ### RULES ###
9921
9922 ### tuple ### allow_log any any ::/0 any ::/0 in_eth0
9923--A ufw6-user-logging-input -i eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9924+-A ufw6-user-logging-input -i eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9925 -A ufw6-user-logging-input -i eth0 -j RETURN
9926 -A ufw6-user-input -i eth0 -j ufw6-user-logging-input
9927 -A ufw6-user-input -i eth0 -j ACCEPT
9928
9929 ### tuple ### allow_log tcp 24 2001:db8:3:4:5:6:7:8 any 2001:db8::/32 in_eth0
9930--A ufw6-user-logging-input -i eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9931+-A ufw6-user-logging-input -i eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9932 -A ufw6-user-logging-input -i eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -j RETURN
9933 -A ufw6-user-input -i eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -j ufw6-user-logging-input
9934 -A ufw6-user-input -i eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -j ACCEPT
9935@@ -2890,13 +2890,13 @@ COMMIT
9936 -A ufw6-user-input -i eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j DROP
9937
9938 ### tuple ### allow_log any any ::/0 any ::/0 out_eth0
9939--A ufw6-user-logging-output -o eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9940+-A ufw6-user-logging-output -o eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9941 -A ufw6-user-logging-output -o eth0 -j RETURN
9942 -A ufw6-user-output -o eth0 -j ufw6-user-logging-output
9943 -A ufw6-user-output -o eth0 -j ACCEPT
9944
9945 ### tuple ### allow_log tcp 24 2001:db8:3:4:5:6:7:8 any 2001:db8::/32 out_eth0
9946--A ufw6-user-logging-output -o eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9947+-A ufw6-user-logging-output -o eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9948 -A ufw6-user-logging-output -o eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -j RETURN
9949 -A ufw6-user-output -o eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -j ufw6-user-logging-output
9950 -A ufw6-user-output -o eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -j ACCEPT
9951@@ -2912,7 +2912,7 @@ COMMIT
9952 ### LOGGING ###
9953 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9954 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9955--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9956+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
9957 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
9958 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
9959 ### END LOGGING ###
9960diff --git a/tests/ipv6/logging/result.1.3 b/tests/ipv6/logging/result.1.3
9961index 5b0c26d..036b49e 100644
9962--- a/tests/ipv6/logging/result.1.3
9963+++ b/tests/ipv6/logging/result.1.3
9964@@ -15,23 +15,23 @@ contents of user*.rules:
9965 ### RULES ###
9966
9967 ### tuple ### allow_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
9968--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9969+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9970 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
9971 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
9972 -A ufw-user-input -p tcp --dport 23 -j ACCEPT
9973--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9974+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9975 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
9976 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
9977 -A ufw-user-input -p udp --dport 23 -j ACCEPT
9978
9979 ### tuple ### allow_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9980--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9981+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9982 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
9983 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
9984 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
9985
9986 ### tuple ### allow_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
9987--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9988+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9989 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
9990 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
9991 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
9992@@ -48,11 +48,11 @@ COMMIT
9993 ### RULES ###
9994
9995 ### tuple ### allow_log any 23 ::/0 any ::/0 in
9996--A ufw6-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9997+-A ufw6-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
9998 -A ufw6-user-logging-input -p tcp --dport 23 -j RETURN
9999 -A ufw6-user-input -p tcp --dport 23 -j ufw6-user-logging-input
10000 -A ufw6-user-input -p tcp --dport 23 -j ACCEPT
10001--A ufw6-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10002+-A ufw6-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10003 -A ufw6-user-logging-input -p udp --dport 23 -j RETURN
10004 -A ufw6-user-input -p udp --dport 23 -j ufw6-user-logging-input
10005 -A ufw6-user-input -p udp --dport 23 -j ACCEPT
10006@@ -111,7 +111,7 @@ COMMIT
10007 ### RULES ###
10008
10009 ### tuple ### allow_log tcp 25 2001:db8:3:4:5:6:7:8 any 2001:db8::/32 in
10010--A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10011+-A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10012 -A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j RETURN
10013 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j ufw6-user-logging-input
10014 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j ACCEPT
10015@@ -303,23 +303,23 @@ contents of user*.rules:
10016 ### RULES ###
10017
10018 ### tuple ### deny_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
10019--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10020+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10021 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
10022 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
10023 -A ufw-user-input -p tcp --dport 23 -j DROP
10024--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10025+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10026 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
10027 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
10028 -A ufw-user-input -p udp --dport 23 -j DROP
10029
10030 ### tuple ### deny_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
10031--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10032+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10033 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
10034 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
10035 -A ufw-user-input -p udp -m multiport --dports 137,138 -j DROP -m comment --comment 'dapp_Samba'
10036
10037 ### tuple ### deny_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
10038--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10039+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10040 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
10041 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
10042 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j DROP -m comment --comment 'dapp_Samba'
10043@@ -336,11 +336,11 @@ COMMIT
10044 ### RULES ###
10045
10046 ### tuple ### deny_log any 23 ::/0 any ::/0 in
10047--A ufw6-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10048+-A ufw6-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10049 -A ufw6-user-logging-input -p tcp --dport 23 -j RETURN
10050 -A ufw6-user-input -p tcp --dport 23 -j ufw6-user-logging-input
10051 -A ufw6-user-input -p tcp --dport 23 -j DROP
10052--A ufw6-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10053+-A ufw6-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10054 -A ufw6-user-logging-input -p udp --dport 23 -j RETURN
10055 -A ufw6-user-input -p udp --dport 23 -j ufw6-user-logging-input
10056 -A ufw6-user-input -p udp --dport 23 -j DROP
10057@@ -399,7 +399,7 @@ COMMIT
10058 ### RULES ###
10059
10060 ### tuple ### deny_log tcp 25 2001:db8:3:4:5:6:7:8 any 2001:db8::/32 in
10061--A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10062+-A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10063 -A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j RETURN
10064 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j ufw6-user-logging-input
10065 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j DROP
10066@@ -591,33 +591,33 @@ contents of user*.rules:
10067 ### RULES ###
10068
10069 ### tuple ### limit_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
10070--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
10071+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
10072 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
10073 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
10074--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --set
10075--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
10076+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --set
10077+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
10078 -A ufw-user-input -p tcp --dport 23 -j ufw-user-limit-accept
10079--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
10080+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
10081 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
10082 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
10083--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --set
10084--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
10085+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --set
10086+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
10087 -A ufw-user-input -p udp --dport 23 -j ufw-user-limit-accept
10088
10089 ### tuple ### limit_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
10090--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
10091+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
10092 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
10093 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
10094--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
10095--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
10096+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
10097+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
10098 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
10099
10100 ### tuple ### limit_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
10101--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
10102+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
10103 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
10104 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
10105--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
10106--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
10107+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
10108+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
10109 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
10110
10111 ### END RULES ###
10112@@ -730,30 +730,30 @@ contents of user*.rules:
10113 -A ufw-user-logging-input -p tcp --dport 23 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
10114 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
10115 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
10116--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --set
10117--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
10118+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --set
10119+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
10120 -A ufw-user-input -p tcp --dport 23 -j ufw-user-limit-accept
10121 -A ufw-user-logging-input -p udp --dport 23 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
10122 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
10123 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
10124--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --set
10125--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
10126+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --set
10127+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
10128 -A ufw-user-input -p udp --dport 23 -j ufw-user-limit-accept
10129
10130 ### tuple ### limit_log-all udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
10131 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
10132 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
10133 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
10134--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
10135--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
10136+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
10137+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
10138 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
10139
10140 ### tuple ### limit_log-all tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
10141 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
10142 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
10143 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
10144--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
10145--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
10146+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
10147+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
10148 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
10149
10150 ### END RULES ###
10151@@ -863,23 +863,23 @@ contents of user*.rules:
10152 ### RULES ###
10153
10154 ### tuple ### reject_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
10155--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10156+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10157 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
10158 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
10159 -A ufw-user-input -p tcp --dport 23 -j REJECT --reject-with tcp-reset
10160--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10161+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10162 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
10163 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
10164 -A ufw-user-input -p udp --dport 23 -j REJECT
10165
10166 ### tuple ### reject_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
10167--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10168+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10169 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
10170 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
10171 -A ufw-user-input -p udp -m multiport --dports 137,138 -j REJECT -m comment --comment 'dapp_Samba'
10172
10173 ### tuple ### reject_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
10174--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10175+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10176 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
10177 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
10178 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j REJECT --reject-with tcp-reset -m comment --comment 'dapp_Samba'
10179@@ -896,11 +896,11 @@ COMMIT
10180 ### RULES ###
10181
10182 ### tuple ### reject_log any 23 ::/0 any ::/0 in
10183--A ufw6-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10184+-A ufw6-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10185 -A ufw6-user-logging-input -p tcp --dport 23 -j RETURN
10186 -A ufw6-user-input -p tcp --dport 23 -j ufw6-user-logging-input
10187 -A ufw6-user-input -p tcp --dport 23 -j REJECT --reject-with tcp-reset
10188--A ufw6-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10189+-A ufw6-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10190 -A ufw6-user-logging-input -p udp --dport 23 -j RETURN
10191 -A ufw6-user-input -p udp --dport 23 -j ufw6-user-logging-input
10192 -A ufw6-user-input -p udp --dport 23 -j REJECT
10193@@ -959,7 +959,7 @@ COMMIT
10194 ### RULES ###
10195
10196 ### tuple ### reject_log tcp 25 2001:db8:3:4:5:6:7:8 any 2001:db8::/32 in
10197--A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10198+-A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10199 -A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j RETURN
10200 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j ufw6-user-logging-input
10201 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j REJECT --reject-with tcp-reset
10202@@ -1152,13 +1152,13 @@ contents of user*.rules:
10203 ### RULES ###
10204
10205 ### tuple ### allow_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
10206--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10207+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10208 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
10209 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
10210 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
10211
10212 ### tuple ### allow_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
10213--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10214+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10215 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
10216 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
10217 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
10218@@ -1198,13 +1198,13 @@ contents of user*.rules:
10219 ### RULES ###
10220
10221 ### tuple ### deny_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
10222--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10223+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10224 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
10225 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
10226 -A ufw-user-input -p udp -m multiport --dports 137,138 -j DROP -m comment --comment 'dapp_Samba'
10227
10228 ### tuple ### deny_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
10229--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10230+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
10231 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
10232 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
10233 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j DROP -m comment --comment 'dapp_Samba'
10234@@ -1285,13 +1285,13 @@ contents of user*.rules:
10235 ### RULES ###
10236
10237 ### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 in_eth0
10238--A ufw-user-logging-input -i eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10239+-A ufw-user-logging-input -i eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10240 -A ufw-user-logging-input -i eth0 -j RETURN
10241 -A ufw-user-input -i eth0 -j ufw-user-logging-input
10242 -A ufw-user-input -i eth0 -j ACCEPT
10243
10244 ### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 out_eth0
10245--A ufw-user-logging-output -o eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10246+-A ufw-user-logging-output -o eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10247 -A ufw-user-logging-output -o eth0 -j RETURN
10248 -A ufw-user-output -o eth0 -j ufw-user-logging-output
10249 -A ufw-user-output -o eth0 -j ACCEPT
10250@@ -1308,13 +1308,13 @@ COMMIT
10251 ### RULES ###
10252
10253 ### tuple ### allow_log any any ::/0 any ::/0 in_eth0
10254--A ufw6-user-logging-input -i eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10255+-A ufw6-user-logging-input -i eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10256 -A ufw6-user-logging-input -i eth0 -j RETURN
10257 -A ufw6-user-input -i eth0 -j ufw6-user-logging-input
10258 -A ufw6-user-input -i eth0 -j ACCEPT
10259
10260 ### tuple ### allow_log tcp 24 2001:db8:3:4:5:6:7:8 any 2001:db8::/32 in_eth0
10261--A ufw6-user-logging-input -i eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10262+-A ufw6-user-logging-input -i eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10263 -A ufw6-user-logging-input -i eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -j RETURN
10264 -A ufw6-user-input -i eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -j ufw6-user-logging-input
10265 -A ufw6-user-input -i eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -j ACCEPT
10266@@ -1326,13 +1326,13 @@ COMMIT
10267 -A ufw6-user-input -i eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j DROP
10268
10269 ### tuple ### allow_log any any ::/0 any ::/0 out_eth0
10270--A ufw6-user-logging-output -o eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10271+-A ufw6-user-logging-output -o eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10272 -A ufw6-user-logging-output -o eth0 -j RETURN
10273 -A ufw6-user-output -o eth0 -j ufw6-user-logging-output
10274 -A ufw6-user-output -o eth0 -j ACCEPT
10275
10276 ### tuple ### allow_log tcp 24 2001:db8:3:4:5:6:7:8 any 2001:db8::/32 out_eth0
10277--A ufw6-user-logging-output -o eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10278+-A ufw6-user-logging-output -o eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
10279 -A ufw6-user-logging-output -o eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -j RETURN
10280 -A ufw6-user-output -o eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -j ufw6-user-logging-output
10281 -A ufw6-user-output -o eth0 -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 24 -s 2001:db8::/32 -j ACCEPT
10282diff --git a/tests/ipv6/rules6/result b/tests/ipv6/rules6/result
10283index 4e6a197..4fd299c 100644
10284--- a/tests/ipv6/rules6/result
10285+++ b/tests/ipv6/rules6/result
10286@@ -26,7 +26,7 @@ WARN: Checks disabled
10287 ### LOGGING ###
10288 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10289 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10290--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10291+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10292 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10293 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10294 ### END LOGGING ###
10295@@ -62,7 +62,7 @@ WARN: Checks disabled
10296 ### LOGGING ###
10297 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10298 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10299--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10300+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10301 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10302 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10303 ### END LOGGING ###
10304@@ -94,7 +94,7 @@ WARN: Checks disabled
10305 ### LOGGING ###
10306 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10307 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10308--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10309+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10310 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10311 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10312 ### END LOGGING ###
10313@@ -129,7 +129,7 @@ WARN: Checks disabled
10314 ### LOGGING ###
10315 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10316 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10317--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10318+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10319 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10320 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10321 ### END LOGGING ###
10322@@ -161,7 +161,7 @@ WARN: Checks disabled
10323 ### LOGGING ###
10324 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10325 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10326--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10327+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10328 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10329 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10330 ### END LOGGING ###
10331@@ -196,7 +196,7 @@ WARN: Checks disabled
10332 ### LOGGING ###
10333 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10334 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10335--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10336+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10337 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10338 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10339 ### END LOGGING ###
10340@@ -228,7 +228,7 @@ WARN: Checks disabled
10341 ### LOGGING ###
10342 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10343 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10344--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10345+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10346 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10347 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10348 ### END LOGGING ###
10349@@ -264,7 +264,7 @@ WARN: Checks disabled
10350 ### LOGGING ###
10351 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10352 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10353--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10354+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10355 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10356 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10357 ### END LOGGING ###
10358@@ -296,7 +296,7 @@ WARN: Checks disabled
10359 ### LOGGING ###
10360 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10361 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10362--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10363+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10364 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10365 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10366 ### END LOGGING ###
10367@@ -332,7 +332,7 @@ WARN: Checks disabled
10368 ### LOGGING ###
10369 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10370 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10371--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10372+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10373 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10374 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10375 ### END LOGGING ###
10376@@ -364,7 +364,7 @@ WARN: Checks disabled
10377 ### LOGGING ###
10378 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10379 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10380--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10381+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10382 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10383 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10384 ### END LOGGING ###
10385@@ -400,7 +400,7 @@ WARN: Checks disabled
10386 ### LOGGING ###
10387 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10388 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10389--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10390+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10391 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10392 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10393 ### END LOGGING ###
10394@@ -432,7 +432,7 @@ WARN: Checks disabled
10395 ### LOGGING ###
10396 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10397 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10398--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10399+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10400 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10401 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10402 ### END LOGGING ###
10403@@ -468,7 +468,7 @@ WARN: Checks disabled
10404 ### LOGGING ###
10405 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10406 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10407--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10408+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10409 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10410 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10411 ### END LOGGING ###
10412@@ -500,7 +500,7 @@ WARN: Checks disabled
10413 ### LOGGING ###
10414 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10415 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10416--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10417+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10418 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10419 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10420 ### END LOGGING ###
10421@@ -536,7 +536,7 @@ WARN: Checks disabled
10422 ### LOGGING ###
10423 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10424 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10425--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10426+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10427 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10428 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10429 ### END LOGGING ###
10430@@ -568,7 +568,7 @@ WARN: Checks disabled
10431 ### LOGGING ###
10432 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10433 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10434--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10435+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10436 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10437 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10438 ### END LOGGING ###
10439@@ -603,7 +603,7 @@ WARN: Checks disabled
10440 ### LOGGING ###
10441 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10442 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10443--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10444+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10445 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10446 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10447 ### END LOGGING ###
10448@@ -635,7 +635,7 @@ WARN: Checks disabled
10449 ### LOGGING ###
10450 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10451 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10452--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10453+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10454 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10455 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10456 ### END LOGGING ###
10457@@ -670,7 +670,7 @@ WARN: Checks disabled
10458 ### LOGGING ###
10459 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10460 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10461--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10462+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10463 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10464 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10465 ### END LOGGING ###
10466@@ -702,7 +702,7 @@ WARN: Checks disabled
10467 ### LOGGING ###
10468 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10469 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10470--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10471+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10472 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10473 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10474 ### END LOGGING ###
10475@@ -737,7 +737,7 @@ WARN: Checks disabled
10476 ### LOGGING ###
10477 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10478 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10479--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10480+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10481 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10482 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10483 ### END LOGGING ###
10484@@ -769,7 +769,7 @@ WARN: Checks disabled
10485 ### LOGGING ###
10486 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10487 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10488--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10489+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10490 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10491 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10492 ### END LOGGING ###
10493@@ -804,7 +804,7 @@ WARN: Checks disabled
10494 ### LOGGING ###
10495 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10496 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10497--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10498+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10499 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10500 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10501 ### END LOGGING ###
10502@@ -836,7 +836,7 @@ WARN: Checks disabled
10503 ### LOGGING ###
10504 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10505 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10506--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10507+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10508 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10509 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10510 ### END LOGGING ###
10511@@ -871,7 +871,7 @@ WARN: Checks disabled
10512 ### LOGGING ###
10513 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10514 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10515--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10516+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10517 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10518 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10519 ### END LOGGING ###
10520@@ -903,7 +903,7 @@ WARN: Checks disabled
10521 ### LOGGING ###
10522 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10523 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10524--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10525+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10526 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10527 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10528 ### END LOGGING ###
10529@@ -938,7 +938,7 @@ WARN: Checks disabled
10530 ### LOGGING ###
10531 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10532 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10533--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10534+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10535 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10536 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10537 ### END LOGGING ###
10538@@ -970,7 +970,7 @@ WARN: Checks disabled
10539 ### LOGGING ###
10540 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10541 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10542--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10543+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10544 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10545 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10546 ### END LOGGING ###
10547@@ -1005,7 +1005,7 @@ WARN: Checks disabled
10548 ### LOGGING ###
10549 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10550 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10551--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10552+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10553 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10554 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10555 ### END LOGGING ###
10556@@ -1037,7 +1037,7 @@ WARN: Checks disabled
10557 ### LOGGING ###
10558 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10559 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10560--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10561+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10562 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10563 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10564 ### END LOGGING ###
10565@@ -1072,7 +1072,7 @@ WARN: Checks disabled
10566 ### LOGGING ###
10567 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10568 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10569--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10570+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10571 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10572 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10573 ### END LOGGING ###
10574@@ -1104,7 +1104,7 @@ WARN: Checks disabled
10575 ### LOGGING ###
10576 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10577 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10578--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10579+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10580 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10581 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10582 ### END LOGGING ###
10583@@ -1139,7 +1139,7 @@ WARN: Checks disabled
10584 ### LOGGING ###
10585 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10586 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10587--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10588+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10589 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10590 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10591 ### END LOGGING ###
10592@@ -1171,7 +1171,7 @@ WARN: Checks disabled
10593 ### LOGGING ###
10594 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10595 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10596--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10597+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10598 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10599 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10600 ### END LOGGING ###
10601@@ -1206,7 +1206,7 @@ WARN: Checks disabled
10602 ### LOGGING ###
10603 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10604 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10605--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10606+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10607 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10608 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10609 ### END LOGGING ###
10610@@ -1238,7 +1238,7 @@ WARN: Checks disabled
10611 ### LOGGING ###
10612 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10613 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10614--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10615+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10616 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10617 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10618 ### END LOGGING ###
10619@@ -1273,7 +1273,7 @@ WARN: Checks disabled
10620 ### LOGGING ###
10621 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10622 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10623--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10624+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10625 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10626 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10627 ### END LOGGING ###
10628@@ -1305,7 +1305,7 @@ WARN: Checks disabled
10629 ### LOGGING ###
10630 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10631 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10632--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10633+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10634 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10635 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10636 ### END LOGGING ###
10637@@ -1340,7 +1340,7 @@ WARN: Checks disabled
10638 ### LOGGING ###
10639 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10640 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10641--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10642+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10643 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10644 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10645 ### END LOGGING ###
10646@@ -1372,7 +1372,7 @@ WARN: Checks disabled
10647 ### LOGGING ###
10648 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10649 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10650--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10651+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10652 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10653 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10654 ### END LOGGING ###
10655@@ -1408,7 +1408,7 @@ WARN: Checks disabled
10656 ### LOGGING ###
10657 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10658 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10659--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10660+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10661 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10662 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10663 ### END LOGGING ###
10664@@ -1440,7 +1440,7 @@ WARN: Checks disabled
10665 ### LOGGING ###
10666 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10667 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10668--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10669+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10670 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10671 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10672 ### END LOGGING ###
10673@@ -1475,7 +1475,7 @@ WARN: Checks disabled
10674 ### LOGGING ###
10675 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10676 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10677--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10678+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10679 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10680 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10681 ### END LOGGING ###
10682@@ -1507,7 +1507,7 @@ WARN: Checks disabled
10683 ### LOGGING ###
10684 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10685 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10686--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10687+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10688 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10689 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10690 ### END LOGGING ###
10691@@ -1542,7 +1542,7 @@ WARN: Checks disabled
10692 ### LOGGING ###
10693 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10694 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10695--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10696+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10697 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10698 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10699 ### END LOGGING ###
10700@@ -1574,7 +1574,7 @@ WARN: Checks disabled
10701 ### LOGGING ###
10702 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10703 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10704--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10705+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10706 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10707 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10708 ### END LOGGING ###
10709@@ -1609,7 +1609,7 @@ WARN: Checks disabled
10710 ### LOGGING ###
10711 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10712 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10713--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10714+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10715 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10716 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10717 ### END LOGGING ###
10718@@ -1641,7 +1641,7 @@ WARN: Checks disabled
10719 ### LOGGING ###
10720 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10721 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10722--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10723+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10724 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10725 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10726 ### END LOGGING ###
10727@@ -1677,7 +1677,7 @@ WARN: Checks disabled
10728 ### LOGGING ###
10729 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10730 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10731--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10732+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10733 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10734 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10735 ### END LOGGING ###
10736@@ -1709,7 +1709,7 @@ WARN: Checks disabled
10737 ### LOGGING ###
10738 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10739 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10740--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10741+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10742 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10743 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10744 ### END LOGGING ###
10745@@ -1745,7 +1745,7 @@ WARN: Checks disabled
10746 ### LOGGING ###
10747 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10748 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10749--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10750+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10751 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10752 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10753 ### END LOGGING ###
10754@@ -1777,7 +1777,7 @@ WARN: Checks disabled
10755 ### LOGGING ###
10756 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10757 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10758--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10759+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10760 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10761 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10762 ### END LOGGING ###
10763@@ -1813,7 +1813,7 @@ WARN: Checks disabled
10764 ### LOGGING ###
10765 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10766 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10767--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10768+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10769 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10770 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10771 ### END LOGGING ###
10772@@ -1845,7 +1845,7 @@ WARN: Checks disabled
10773 ### LOGGING ###
10774 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10775 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10776--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10777+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10778 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10779 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10780 ### END LOGGING ###
10781@@ -1881,7 +1881,7 @@ WARN: Checks disabled
10782 ### LOGGING ###
10783 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10784 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10785--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10786+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10787 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10788 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10789 ### END LOGGING ###
10790@@ -1913,7 +1913,7 @@ WARN: Checks disabled
10791 ### LOGGING ###
10792 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10793 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10794--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10795+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10796 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10797 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10798 ### END LOGGING ###
10799@@ -1949,7 +1949,7 @@ WARN: Checks disabled
10800 ### LOGGING ###
10801 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10802 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10803--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10804+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10805 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10806 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10807 ### END LOGGING ###
10808@@ -1981,7 +1981,7 @@ WARN: Checks disabled
10809 ### LOGGING ###
10810 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10811 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10812--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10813+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10814 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10815 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10816 ### END LOGGING ###
10817@@ -2016,7 +2016,7 @@ WARN: Checks disabled
10818 ### LOGGING ###
10819 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10820 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10821--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10822+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10823 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10824 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10825 ### END LOGGING ###
10826@@ -2048,7 +2048,7 @@ WARN: Checks disabled
10827 ### LOGGING ###
10828 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10829 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10830--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10831+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10832 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10833 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10834 ### END LOGGING ###
10835@@ -2083,7 +2083,7 @@ WARN: Checks disabled
10836 ### LOGGING ###
10837 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10838 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10839--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10840+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10841 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10842 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10843 ### END LOGGING ###
10844@@ -2115,7 +2115,7 @@ WARN: Checks disabled
10845 ### LOGGING ###
10846 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10847 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10848--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10849+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10850 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10851 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10852 ### END LOGGING ###
10853@@ -2150,7 +2150,7 @@ WARN: Checks disabled
10854 ### LOGGING ###
10855 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10856 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10857--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10858+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10859 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10860 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10861 ### END LOGGING ###
10862@@ -2182,7 +2182,7 @@ WARN: Checks disabled
10863 ### LOGGING ###
10864 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10865 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10866--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10867+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10868 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10869 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10870 ### END LOGGING ###
10871@@ -2217,7 +2217,7 @@ WARN: Checks disabled
10872 ### LOGGING ###
10873 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10874 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10875--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10876+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10877 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10878 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10879 ### END LOGGING ###
10880@@ -2249,7 +2249,7 @@ WARN: Checks disabled
10881 ### LOGGING ###
10882 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10883 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10884--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10885+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10886 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10887 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10888 ### END LOGGING ###
10889@@ -2284,7 +2284,7 @@ WARN: Checks disabled
10890 ### LOGGING ###
10891 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10892 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10893--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10894+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10895 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10896 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10897 ### END LOGGING ###
10898@@ -2316,7 +2316,7 @@ WARN: Checks disabled
10899 ### LOGGING ###
10900 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10901 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10902--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10903+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10904 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10905 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10906 ### END LOGGING ###
10907@@ -2351,7 +2351,7 @@ WARN: Checks disabled
10908 ### LOGGING ###
10909 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10910 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10911--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10912+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10913 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10914 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10915 ### END LOGGING ###
10916@@ -2383,7 +2383,7 @@ WARN: Checks disabled
10917 ### LOGGING ###
10918 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10919 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10920--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10921+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10922 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10923 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10924 ### END LOGGING ###
10925@@ -2418,7 +2418,7 @@ WARN: Checks disabled
10926 ### LOGGING ###
10927 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10928 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10929--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10930+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10931 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10932 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10933 ### END LOGGING ###
10934@@ -2450,7 +2450,7 @@ WARN: Checks disabled
10935 ### LOGGING ###
10936 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10937 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10938--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10939+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10940 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10941 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10942 ### END LOGGING ###
10943@@ -2485,7 +2485,7 @@ WARN: Checks disabled
10944 ### LOGGING ###
10945 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10946 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10947--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10948+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10949 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10950 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10951 ### END LOGGING ###
10952@@ -2517,7 +2517,7 @@ WARN: Checks disabled
10953 ### LOGGING ###
10954 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10955 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10956--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10957+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10958 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10959 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10960 ### END LOGGING ###
10961@@ -2552,7 +2552,7 @@ WARN: Checks disabled
10962 ### LOGGING ###
10963 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10964 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10965--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10966+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10967 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10968 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10969 ### END LOGGING ###
10970@@ -2584,7 +2584,7 @@ WARN: Checks disabled
10971 ### LOGGING ###
10972 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10973 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10974--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10975+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10976 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10977 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10978 ### END LOGGING ###
10979@@ -2619,7 +2619,7 @@ WARN: Checks disabled
10980 ### LOGGING ###
10981 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10982 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10983--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10984+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10985 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10986 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10987 ### END LOGGING ###
10988@@ -2651,7 +2651,7 @@ WARN: Checks disabled
10989 ### LOGGING ###
10990 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10991 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10992--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10993+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
10994 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
10995 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
10996 ### END LOGGING ###
10997@@ -2686,7 +2686,7 @@ WARN: Checks disabled
10998 ### LOGGING ###
10999 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11000 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11001--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11002+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11003 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11004 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11005 ### END LOGGING ###
11006@@ -2718,7 +2718,7 @@ WARN: Checks disabled
11007 ### LOGGING ###
11008 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11009 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11010--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11011+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11012 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11013 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11014 ### END LOGGING ###
11015@@ -2753,7 +2753,7 @@ WARN: Checks disabled
11016 ### LOGGING ###
11017 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11018 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11019--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11020+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11021 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11022 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11023 ### END LOGGING ###
11024@@ -2785,7 +2785,7 @@ WARN: Checks disabled
11025 ### LOGGING ###
11026 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11027 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11028--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11029+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11030 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11031 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11032 ### END LOGGING ###
11033@@ -2821,7 +2821,7 @@ WARN: Checks disabled
11034 ### LOGGING ###
11035 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11036 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11037--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11038+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11039 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11040 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11041 ### END LOGGING ###
11042@@ -2853,7 +2853,7 @@ WARN: Checks disabled
11043 ### LOGGING ###
11044 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11045 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11046--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11047+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11048 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11049 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11050 ### END LOGGING ###
11051@@ -3099,7 +3099,7 @@ WARN: Checks disabled
11052 ### LOGGING ###
11053 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11054 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11055--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11056+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11057 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11058 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11059 ### END LOGGING ###
11060@@ -3134,7 +3134,7 @@ WARN: Checks disabled
11061 ### LOGGING ###
11062 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11063 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11064--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11065+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11066 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11067 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11068 ### END LOGGING ###
11069@@ -3169,7 +3169,7 @@ WARN: Checks disabled
11070 ### LOGGING ###
11071 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11072 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11073--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11074+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11075 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11076 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11077 ### END LOGGING ###
11078@@ -3204,7 +3204,7 @@ WARN: Checks disabled
11079 ### LOGGING ###
11080 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11081 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11082--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11083+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11084 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11085 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11086 ### END LOGGING ###
11087@@ -3239,7 +3239,7 @@ WARN: Checks disabled
11088 ### LOGGING ###
11089 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11090 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11091--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11092+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11093 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11094 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11095 ### END LOGGING ###
11096@@ -3274,7 +3274,7 @@ WARN: Checks disabled
11097 ### LOGGING ###
11098 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11099 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11100--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11101+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11102 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11103 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11104 ### END LOGGING ###
11105@@ -3309,7 +3309,7 @@ WARN: Checks disabled
11106 ### LOGGING ###
11107 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11108 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11109--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11110+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11111 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11112 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11113 ### END LOGGING ###
11114@@ -3345,7 +3345,7 @@ WARN: Checks disabled
11115 ### LOGGING ###
11116 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11117 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11118--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11119+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11120 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11121 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11122 ### END LOGGING ###
11123@@ -3380,7 +3380,7 @@ WARN: Checks disabled
11124 ### LOGGING ###
11125 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11126 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11127--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11128+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11129 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11130 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11131 ### END LOGGING ###
11132@@ -3415,7 +3415,7 @@ WARN: Checks disabled
11133 ### LOGGING ###
11134 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11135 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11136--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11137+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11138 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11139 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11140 ### END LOGGING ###
11141@@ -3450,7 +3450,7 @@ WARN: Checks disabled
11142 ### LOGGING ###
11143 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11144 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11145--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11146+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11147 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11148 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11149 ### END LOGGING ###
11150@@ -3485,7 +3485,7 @@ WARN: Checks disabled
11151 ### LOGGING ###
11152 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11153 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11154--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11155+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11156 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11157 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11158 ### END LOGGING ###
11159@@ -3520,7 +3520,7 @@ WARN: Checks disabled
11160 ### LOGGING ###
11161 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11162 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11163--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11164+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11165 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11166 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11167 ### END LOGGING ###
11168@@ -3555,7 +3555,7 @@ WARN: Checks disabled
11169 ### LOGGING ###
11170 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11171 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11172--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11173+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11174 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11175 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11176 ### END LOGGING ###
11177@@ -3590,7 +3590,7 @@ WARN: Checks disabled
11178 ### LOGGING ###
11179 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11180 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11181--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11182+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11183 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11184 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11185 ### END LOGGING ###
11186@@ -3625,7 +3625,7 @@ WARN: Checks disabled
11187 ### LOGGING ###
11188 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11189 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11190--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11191+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11192 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11193 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11194 ### END LOGGING ###
11195@@ -3660,7 +3660,7 @@ WARN: Checks disabled
11196 ### LOGGING ###
11197 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11198 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11199--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11200+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11201 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11202 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11203 ### END LOGGING ###
11204@@ -3695,7 +3695,7 @@ WARN: Checks disabled
11205 ### LOGGING ###
11206 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11207 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11208--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11209+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11210 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11211 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11212 ### END LOGGING ###
11213@@ -3730,7 +3730,7 @@ WARN: Checks disabled
11214 ### LOGGING ###
11215 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11216 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11217--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11218+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11219 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11220 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11221 ### END LOGGING ###
11222@@ -3765,7 +3765,7 @@ WARN: Checks disabled
11223 ### LOGGING ###
11224 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11225 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11226--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11227+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11228 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11229 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11230 ### END LOGGING ###
11231@@ -3800,7 +3800,7 @@ WARN: Checks disabled
11232 ### LOGGING ###
11233 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11234 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11235--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11236+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11237 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11238 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11239 ### END LOGGING ###
11240@@ -3835,7 +3835,7 @@ WARN: Checks disabled
11241 ### LOGGING ###
11242 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11243 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11244--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11245+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11246 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11247 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11248 ### END LOGGING ###
11249@@ -3870,7 +3870,7 @@ WARN: Checks disabled
11250 ### LOGGING ###
11251 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11252 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11253--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11254+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11255 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11256 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11257 ### END LOGGING ###
11258@@ -3905,7 +3905,7 @@ WARN: Checks disabled
11259 ### LOGGING ###
11260 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11261 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11262--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11263+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11264 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11265 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11266 ### END LOGGING ###
11267@@ -3940,7 +3940,7 @@ WARN: Checks disabled
11268 ### LOGGING ###
11269 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11270 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11271--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11272+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11273 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11274 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11275 ### END LOGGING ###
11276@@ -3975,7 +3975,7 @@ WARN: Checks disabled
11277 ### LOGGING ###
11278 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11279 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11280--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11281+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11282 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11283 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11284 ### END LOGGING ###
11285@@ -4010,7 +4010,7 @@ WARN: Checks disabled
11286 ### LOGGING ###
11287 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11288 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11289--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11290+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11291 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11292 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11293 ### END LOGGING ###
11294@@ -4045,7 +4045,7 @@ WARN: Checks disabled
11295 ### LOGGING ###
11296 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11297 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11298--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11299+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11300 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11301 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11302 ### END LOGGING ###
11303@@ -4080,7 +4080,7 @@ WARN: Checks disabled
11304 ### LOGGING ###
11305 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11306 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11307--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11308+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11309 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11310 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11311 ### END LOGGING ###
11312@@ -4115,7 +4115,7 @@ WARN: Checks disabled
11313 ### LOGGING ###
11314 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11315 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11316--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11317+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11318 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11319 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11320 ### END LOGGING ###
11321@@ -4150,7 +4150,7 @@ WARN: Checks disabled
11322 ### LOGGING ###
11323 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11324 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11325--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11326+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11327 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11328 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11329 ### END LOGGING ###
11330@@ -4187,7 +4187,7 @@ WARN: Checks disabled
11331 ### LOGGING ###
11332 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11333 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11334--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11335+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11336 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11337 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11338 ### END LOGGING ###
11339@@ -4223,7 +4223,7 @@ COMMIT
11340 ### LOGGING ###
11341 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11342 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11343--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11344+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11345 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11346 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11347 ### END LOGGING ###
11348@@ -4261,7 +4261,7 @@ WARN: Checks disabled
11349 ### LOGGING ###
11350 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11351 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11352--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11353+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11354 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11355 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11356 ### END LOGGING ###
11357@@ -4297,7 +4297,7 @@ COMMIT
11358 ### LOGGING ###
11359 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11360 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11361--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11362+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11363 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11364 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11365 ### END LOGGING ###
11366@@ -4335,7 +4335,7 @@ WARN: Checks disabled
11367 ### LOGGING ###
11368 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11369 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11370--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11371+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11372 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11373 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11374 ### END LOGGING ###
11375@@ -4371,7 +4371,7 @@ COMMIT
11376 ### LOGGING ###
11377 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11378 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11379--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11380+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11381 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11382 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11383 ### END LOGGING ###
11384@@ -4409,7 +4409,7 @@ WARN: Checks disabled
11385 ### LOGGING ###
11386 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11387 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11388--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11389+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11390 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11391 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11392 ### END LOGGING ###
11393@@ -4445,7 +4445,7 @@ COMMIT
11394 ### LOGGING ###
11395 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11396 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11397--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11398+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11399 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11400 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11401 ### END LOGGING ###
11402@@ -4483,7 +4483,7 @@ WARN: Checks disabled
11403 ### LOGGING ###
11404 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11405 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11406--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11407+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11408 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11409 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11410 ### END LOGGING ###
11411@@ -4519,7 +4519,7 @@ COMMIT
11412 ### LOGGING ###
11413 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11414 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11415--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11416+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11417 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11418 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11419 ### END LOGGING ###
11420@@ -4557,7 +4557,7 @@ WARN: Checks disabled
11421 ### LOGGING ###
11422 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11423 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11424--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11425+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11426 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11427 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11428 ### END LOGGING ###
11429@@ -4593,7 +4593,7 @@ COMMIT
11430 ### LOGGING ###
11431 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11432 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11433--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11434+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11435 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11436 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11437 ### END LOGGING ###
11438@@ -4631,7 +4631,7 @@ WARN: Checks disabled
11439 ### LOGGING ###
11440 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11441 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11442--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11443+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11444 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11445 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11446 ### END LOGGING ###
11447@@ -4667,7 +4667,7 @@ COMMIT
11448 ### LOGGING ###
11449 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11450 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11451--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11452+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11453 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11454 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11455 ### END LOGGING ###
11456@@ -4705,7 +4705,7 @@ WARN: Checks disabled
11457 ### LOGGING ###
11458 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11459 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11460--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11461+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11462 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11463 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11464 ### END LOGGING ###
11465@@ -4741,7 +4741,7 @@ COMMIT
11466 ### LOGGING ###
11467 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11468 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11469--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11470+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11471 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11472 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11473 ### END LOGGING ###
11474@@ -4779,7 +4779,7 @@ WARN: Checks disabled
11475 ### LOGGING ###
11476 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11477 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11478--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11479+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11480 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11481 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11482 ### END LOGGING ###
11483@@ -4815,7 +4815,7 @@ COMMIT
11484 ### LOGGING ###
11485 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11486 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11487--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11488+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11489 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11490 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11491 ### END LOGGING ###
11492@@ -4853,7 +4853,7 @@ WARN: Checks disabled
11493 ### LOGGING ###
11494 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11495 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11496--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11497+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11498 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11499 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11500 ### END LOGGING ###
11501@@ -4889,7 +4889,7 @@ COMMIT
11502 ### LOGGING ###
11503 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11504 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11505--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11506+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11507 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11508 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11509 ### END LOGGING ###
11510@@ -4927,7 +4927,7 @@ WARN: Checks disabled
11511 ### LOGGING ###
11512 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11513 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11514--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11515+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11516 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11517 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11518 ### END LOGGING ###
11519@@ -4963,7 +4963,7 @@ COMMIT
11520 ### LOGGING ###
11521 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11522 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11523--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11524+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11525 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11526 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11527 ### END LOGGING ###
11528@@ -5001,7 +5001,7 @@ WARN: Checks disabled
11529 ### LOGGING ###
11530 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11531 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11532--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11533+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11534 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11535 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11536 ### END LOGGING ###
11537@@ -5037,7 +5037,7 @@ COMMIT
11538 ### LOGGING ###
11539 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11540 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11541--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11542+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11543 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11544 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11545 ### END LOGGING ###
11546@@ -5075,7 +5075,7 @@ WARN: Checks disabled
11547 ### LOGGING ###
11548 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11549 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11550--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11551+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11552 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11553 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11554 ### END LOGGING ###
11555@@ -5111,7 +5111,7 @@ COMMIT
11556 ### LOGGING ###
11557 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11558 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11559--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11560+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11561 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11562 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11563 ### END LOGGING ###
11564@@ -5149,7 +5149,7 @@ WARN: Checks disabled
11565 ### LOGGING ###
11566 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11567 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11568--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11569+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11570 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11571 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11572 ### END LOGGING ###
11573@@ -5185,7 +5185,7 @@ COMMIT
11574 ### LOGGING ###
11575 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11576 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11577--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11578+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11579 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11580 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11581 ### END LOGGING ###
11582@@ -5223,7 +5223,7 @@ WARN: Checks disabled
11583 ### LOGGING ###
11584 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11585 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11586--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11587+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11588 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11589 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11590 ### END LOGGING ###
11591@@ -5259,7 +5259,7 @@ COMMIT
11592 ### LOGGING ###
11593 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11594 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11595--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11596+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11597 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11598 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11599 ### END LOGGING ###
11600@@ -5297,7 +5297,7 @@ WARN: Checks disabled
11601 ### LOGGING ###
11602 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11603 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11604--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11605+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11606 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11607 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11608 ### END LOGGING ###
11609@@ -5333,7 +5333,7 @@ COMMIT
11610 ### LOGGING ###
11611 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11612 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11613--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11614+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11615 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11616 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11617 ### END LOGGING ###
11618@@ -5371,7 +5371,7 @@ WARN: Checks disabled
11619 ### LOGGING ###
11620 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11621 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11622--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11623+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11624 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11625 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11626 ### END LOGGING ###
11627@@ -5407,7 +5407,7 @@ COMMIT
11628 ### LOGGING ###
11629 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11630 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11631--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11632+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11633 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11634 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11635 ### END LOGGING ###
11636@@ -5445,7 +5445,7 @@ WARN: Checks disabled
11637 ### LOGGING ###
11638 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11639 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11640--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11641+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11642 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11643 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11644 ### END LOGGING ###
11645@@ -5481,7 +5481,7 @@ COMMIT
11646 ### LOGGING ###
11647 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11648 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11649--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11650+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11651 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11652 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11653 ### END LOGGING ###
11654@@ -5519,7 +5519,7 @@ WARN: Checks disabled
11655 ### LOGGING ###
11656 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11657 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11658--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11659+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11660 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11661 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11662 ### END LOGGING ###
11663@@ -5555,7 +5555,7 @@ COMMIT
11664 ### LOGGING ###
11665 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11666 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11667--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11668+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11669 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11670 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11671 ### END LOGGING ###
11672@@ -5593,7 +5593,7 @@ WARN: Checks disabled
11673 ### LOGGING ###
11674 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11675 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11676--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11677+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11678 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11679 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11680 ### END LOGGING ###
11681@@ -5629,7 +5629,7 @@ COMMIT
11682 ### LOGGING ###
11683 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11684 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11685--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11686+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11687 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11688 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11689 ### END LOGGING ###
11690@@ -5667,7 +5667,7 @@ WARN: Checks disabled
11691 ### LOGGING ###
11692 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11693 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11694--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11695+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11696 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11697 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11698 ### END LOGGING ###
11699@@ -5703,7 +5703,7 @@ COMMIT
11700 ### LOGGING ###
11701 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11702 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11703--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11704+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11705 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11706 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11707 ### END LOGGING ###
11708@@ -5741,7 +5741,7 @@ WARN: Checks disabled
11709 ### LOGGING ###
11710 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11711 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11712--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11713+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11714 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11715 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11716 ### END LOGGING ###
11717@@ -5777,7 +5777,7 @@ COMMIT
11718 ### LOGGING ###
11719 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11720 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11721--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11722+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11723 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11724 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11725 ### END LOGGING ###
11726@@ -5815,7 +5815,7 @@ WARN: Checks disabled
11727 ### LOGGING ###
11728 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11729 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11730--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11731+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11732 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11733 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11734 ### END LOGGING ###
11735@@ -5851,7 +5851,7 @@ COMMIT
11736 ### LOGGING ###
11737 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11738 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11739--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11740+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11741 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11742 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11743 ### END LOGGING ###
11744@@ -5889,7 +5889,7 @@ WARN: Checks disabled
11745 ### LOGGING ###
11746 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11747 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11748--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11749+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11750 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11751 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11752 ### END LOGGING ###
11753@@ -5925,7 +5925,7 @@ COMMIT
11754 ### LOGGING ###
11755 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11756 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11757--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11758+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11759 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11760 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11761 ### END LOGGING ###
11762@@ -5999,7 +5999,7 @@ WARN: Checks disabled
11763 ### LOGGING ###
11764 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11765 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11766--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11767+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11768 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11769 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11770 ### END LOGGING ###
11771@@ -6034,7 +6034,7 @@ WARN: Checks disabled
11772 ### LOGGING ###
11773 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11774 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11775--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11776+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11777 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11778 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11779 ### END LOGGING ###
11780@@ -6069,7 +6069,7 @@ WARN: Checks disabled
11781 ### LOGGING ###
11782 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11783 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11784--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11785+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11786 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11787 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11788 ### END LOGGING ###
11789@@ -6104,7 +6104,7 @@ WARN: Checks disabled
11790 ### LOGGING ###
11791 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11792 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11793--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11794+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11795 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11796 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11797 ### END LOGGING ###
11798diff --git a/tests/ipv6/rules64/result b/tests/ipv6/rules64/result
11799index 8703253..cc2d397 100644
11800--- a/tests/ipv6/rules64/result
11801+++ b/tests/ipv6/rules64/result
11802@@ -29,7 +29,7 @@ WARN: Checks disabled
11803 ### LOGGING ###
11804 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11805 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11806--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11807+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11808 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11809 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11810 ### END LOGGING ###
11811@@ -66,7 +66,7 @@ COMMIT
11812 ### LOGGING ###
11813 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11814 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11815--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11816+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11817 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11818 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11819 ### END LOGGING ###
11820@@ -104,7 +104,7 @@ WARN: Checks disabled
11821 ### LOGGING ###
11822 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11823 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11824--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11825+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11826 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11827 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11828 ### END LOGGING ###
11829@@ -140,7 +140,7 @@ COMMIT
11830 ### LOGGING ###
11831 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11832 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11833--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11834+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11835 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11836 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11837 ### END LOGGING ###
11838@@ -178,7 +178,7 @@ WARN: Checks disabled
11839 ### LOGGING ###
11840 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11841 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11842--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11843+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11844 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11845 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11846 ### END LOGGING ###
11847@@ -214,7 +214,7 @@ COMMIT
11848 ### LOGGING ###
11849 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11850 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11851--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11852+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11853 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11854 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11855 ### END LOGGING ###
11856@@ -252,7 +252,7 @@ WARN: Checks disabled
11857 ### LOGGING ###
11858 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11859 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11860--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11861+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11862 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11863 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11864 ### END LOGGING ###
11865@@ -288,7 +288,7 @@ COMMIT
11866 ### LOGGING ###
11867 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11868 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11869--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11870+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11871 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11872 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11873 ### END LOGGING ###
11874@@ -326,7 +326,7 @@ WARN: Checks disabled
11875 ### LOGGING ###
11876 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11877 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11878--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11879+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11880 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11881 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11882 ### END LOGGING ###
11883@@ -367,7 +367,7 @@ WARN: Checks disabled
11884 ### LOGGING ###
11885 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11886 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11887--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11888+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11889 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11890 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11891 ### END LOGGING ###
11892@@ -404,7 +404,7 @@ WARN: Checks disabled
11893 ### LOGGING ###
11894 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11895 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11896--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11897+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11898 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11899 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11900 ### END LOGGING ###
11901@@ -440,7 +440,7 @@ COMMIT
11902 ### LOGGING ###
11903 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11904 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11905--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11906+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11907 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11908 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11909 ### END LOGGING ###
11910@@ -475,7 +475,7 @@ WARN: Checks disabled
11911 ### LOGGING ###
11912 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11913 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11914--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11915+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11916 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11917 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11918 ### END LOGGING ###
11919@@ -508,7 +508,7 @@ COMMIT
11920 ### LOGGING ###
11921 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11922 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11923--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11924+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11925 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11926 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11927 ### END LOGGING ###
11928@@ -539,8 +539,8 @@ WARN: Checks disabled
11929 ### RULES ###
11930
11931 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
11932--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
11933--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
11934+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
11935+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
11936 -A ufw-user-input -p tcp --dport 22 -j ufw-user-limit-accept
11937
11938 ### END RULES ###
11939@@ -548,7 +548,7 @@ WARN: Checks disabled
11940 ### LOGGING ###
11941 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11942 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11943--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11944+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11945 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11946 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11947 ### END LOGGING ###
11948@@ -593,7 +593,7 @@ WARN: Checks disabled
11949 ### LOGGING ###
11950 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11951 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11952--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11953+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11954 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11955 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11956 ### END LOGGING ###
11957@@ -630,7 +630,7 @@ COMMIT
11958 ### LOGGING ###
11959 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11960 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11961--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11962+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11963 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11964 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11965 ### END LOGGING ###
11966@@ -668,7 +668,7 @@ WARN: Checks disabled
11967 ### LOGGING ###
11968 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11969 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11970--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11971+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11972 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11973 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11974 ### END LOGGING ###
11975@@ -704,7 +704,7 @@ COMMIT
11976 ### LOGGING ###
11977 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11978 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11979--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11980+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11981 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11982 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11983 ### END LOGGING ###
11984@@ -742,7 +742,7 @@ WARN: Checks disabled
11985 ### LOGGING ###
11986 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11987 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11988--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11989+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11990 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11991 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
11992 ### END LOGGING ###
11993@@ -785,7 +785,7 @@ WARN: Checks disabled
11994 ### LOGGING ###
11995 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11996 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
11997--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11998+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
11999 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12000 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12001 ### END LOGGING ###
12002@@ -828,7 +828,7 @@ WARN: Checks disabled
12003 ### LOGGING ###
12004 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12005 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12006--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12007+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12008 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12009 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12010 ### END LOGGING ###
12011@@ -871,7 +871,7 @@ WARN: Checks disabled
12012 ### LOGGING ###
12013 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12014 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12015--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12016+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12017 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12018 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12019 ### END LOGGING ###
12020@@ -914,7 +914,7 @@ WARN: Checks disabled
12021 ### LOGGING ###
12022 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12023 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12024--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12025+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12026 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12027 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12028 ### END LOGGING ###
12029@@ -958,7 +958,7 @@ WARN: Checks disabled
12030 ### LOGGING ###
12031 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12032 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12033--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12034+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12035 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12036 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12037 ### END LOGGING ###
12038@@ -994,7 +994,7 @@ COMMIT
12039 ### LOGGING ###
12040 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12041 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12042--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12043+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12044 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12045 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12046 ### END LOGGING ###
12047@@ -1029,7 +1029,7 @@ WARN: Checks disabled
12048 ### LOGGING ###
12049 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12050 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12051--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12052+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12053 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12054 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12055 ### END LOGGING ###
12056@@ -1062,7 +1062,7 @@ COMMIT
12057 ### LOGGING ###
12058 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12059 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12060--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12061+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12062 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12063 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12064 ### END LOGGING ###
12065@@ -1100,7 +1100,7 @@ WARN: Checks disabled
12066 ### LOGGING ###
12067 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12068 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12069--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12070+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12071 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12072 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12073 ### END LOGGING ###
12074@@ -1136,7 +1136,7 @@ COMMIT
12075 ### LOGGING ###
12076 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12077 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12078--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12079+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12080 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12081 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12082 ### END LOGGING ###
12083@@ -1171,7 +1171,7 @@ WARN: Checks disabled
12084 ### LOGGING ###
12085 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12086 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12087--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12088+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12089 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12090 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12091 ### END LOGGING ###
12092@@ -1204,7 +1204,7 @@ COMMIT
12093 ### LOGGING ###
12094 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12095 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12096--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12097+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12098 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12099 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12100 ### END LOGGING ###
12101@@ -1242,7 +1242,7 @@ WARN: Checks disabled
12102 ### LOGGING ###
12103 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12104 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12105--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12106+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12107 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12108 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12109 ### END LOGGING ###
12110@@ -1278,7 +1278,7 @@ COMMIT
12111 ### LOGGING ###
12112 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12113 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12114--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12115+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12116 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12117 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12118 ### END LOGGING ###
12119@@ -1313,7 +1313,7 @@ WARN: Checks disabled
12120 ### LOGGING ###
12121 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12122 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12123--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12124+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12125 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12126 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12127 ### END LOGGING ###
12128@@ -1346,7 +1346,7 @@ COMMIT
12129 ### LOGGING ###
12130 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12131 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12132--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12133+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12134 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12135 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12136 ### END LOGGING ###
12137@@ -1384,7 +1384,7 @@ WARN: Checks disabled
12138 ### LOGGING ###
12139 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12140 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12141--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12142+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12143 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12144 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12145 ### END LOGGING ###
12146@@ -1420,7 +1420,7 @@ COMMIT
12147 ### LOGGING ###
12148 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12149 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12150--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12151+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12152 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12153 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12154 ### END LOGGING ###
12155@@ -1455,7 +1455,7 @@ WARN: Checks disabled
12156 ### LOGGING ###
12157 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12158 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12159--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12160+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12161 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12162 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12163 ### END LOGGING ###
12164@@ -1488,7 +1488,7 @@ COMMIT
12165 ### LOGGING ###
12166 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12167 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12168--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12169+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12170 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12171 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12172 ### END LOGGING ###
12173@@ -1527,7 +1527,7 @@ WARN: Checks disabled
12174 ### LOGGING ###
12175 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12176 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12177--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12178+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12179 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12180 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12181 ### END LOGGING ###
12182@@ -1564,7 +1564,7 @@ COMMIT
12183 ### LOGGING ###
12184 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12185 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12186--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12187+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12188 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12189 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12190 ### END LOGGING ###
12191@@ -1599,7 +1599,7 @@ WARN: Checks disabled
12192 ### LOGGING ###
12193 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12194 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12195--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12196+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12197 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12198 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12199 ### END LOGGING ###
12200@@ -1632,7 +1632,7 @@ COMMIT
12201 ### LOGGING ###
12202 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12203 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12204--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12205+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12206 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12207 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12208 ### END LOGGING ###
12209@@ -1670,7 +1670,7 @@ WARN: Checks disabled
12210 ### LOGGING ###
12211 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12212 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12213--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12214+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12215 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12216 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12217 ### END LOGGING ###
12218@@ -1706,7 +1706,7 @@ COMMIT
12219 ### LOGGING ###
12220 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12221 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12222--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12223+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12224 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12225 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12226 ### END LOGGING ###
12227@@ -1741,7 +1741,7 @@ WARN: Checks disabled
12228 ### LOGGING ###
12229 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12230 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12231--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12232+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12233 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12234 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12235 ### END LOGGING ###
12236@@ -1774,7 +1774,7 @@ COMMIT
12237 ### LOGGING ###
12238 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12239 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12240--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12241+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12242 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12243 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12244 ### END LOGGING ###
12245@@ -1812,7 +1812,7 @@ WARN: Checks disabled
12246 ### LOGGING ###
12247 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12248 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12249--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12250+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12251 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12252 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12253 ### END LOGGING ###
12254@@ -1848,7 +1848,7 @@ COMMIT
12255 ### LOGGING ###
12256 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12257 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12258--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12259+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12260 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12261 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12262 ### END LOGGING ###
12263@@ -1883,7 +1883,7 @@ WARN: Checks disabled
12264 ### LOGGING ###
12265 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12266 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12267--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12268+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12269 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12270 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12271 ### END LOGGING ###
12272@@ -1916,7 +1916,7 @@ COMMIT
12273 ### LOGGING ###
12274 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12275 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12276--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12277+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12278 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12279 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12280 ### END LOGGING ###
12281@@ -1955,7 +1955,7 @@ WARN: Checks disabled
12282 ### LOGGING ###
12283 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12284 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12285--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12286+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12287 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12288 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12289 ### END LOGGING ###
12290@@ -1991,7 +1991,7 @@ COMMIT
12291 ### LOGGING ###
12292 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12293 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12294--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12295+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12296 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12297 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12298 ### END LOGGING ###
12299@@ -2026,7 +2026,7 @@ WARN: Checks disabled
12300 ### LOGGING ###
12301 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12302 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12303--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12304+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12305 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12306 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12307 ### END LOGGING ###
12308@@ -2059,7 +2059,7 @@ COMMIT
12309 ### LOGGING ###
12310 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12311 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12312--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12313+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12314 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12315 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12316 ### END LOGGING ###
12317@@ -2097,7 +2097,7 @@ WARN: Checks disabled
12318 ### LOGGING ###
12319 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12320 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12321--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12322+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12323 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12324 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12325 ### END LOGGING ###
12326@@ -2133,7 +2133,7 @@ COMMIT
12327 ### LOGGING ###
12328 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12329 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12330--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12331+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12332 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12333 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12334 ### END LOGGING ###
12335@@ -2168,7 +2168,7 @@ WARN: Checks disabled
12336 ### LOGGING ###
12337 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12338 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12339--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12340+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12341 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12342 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12343 ### END LOGGING ###
12344@@ -2201,7 +2201,7 @@ COMMIT
12345 ### LOGGING ###
12346 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12347 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12348--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12349+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12350 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12351 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12352 ### END LOGGING ###
12353@@ -2240,7 +2240,7 @@ WARN: Checks disabled
12354 ### LOGGING ###
12355 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12356 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12357--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12358+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12359 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12360 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12361 ### END LOGGING ###
12362@@ -2277,7 +2277,7 @@ COMMIT
12363 ### LOGGING ###
12364 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12365 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12366--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12367+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12368 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12369 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12370 ### END LOGGING ###
12371@@ -2312,7 +2312,7 @@ WARN: Checks disabled
12372 ### LOGGING ###
12373 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12374 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12375--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12376+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12377 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12378 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12379 ### END LOGGING ###
12380@@ -2345,7 +2345,7 @@ COMMIT
12381 ### LOGGING ###
12382 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12383 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12384--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12385+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12386 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12387 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12388 ### END LOGGING ###
12389@@ -2384,7 +2384,7 @@ WARN: Checks disabled
12390 ### LOGGING ###
12391 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12392 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12393--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12394+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12395 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12396 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12397 ### END LOGGING ###
12398@@ -2428,7 +2428,7 @@ WARN: Checks disabled
12399 ### LOGGING ###
12400 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12401 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12402--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12403+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12404 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12405 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12406 ### END LOGGING ###
12407@@ -2471,7 +2471,7 @@ WARN: Checks disabled
12408 ### LOGGING ###
12409 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12410 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12411--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12412+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12413 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12414 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12415 ### END LOGGING ###
12416@@ -2514,7 +2514,7 @@ WARN: Checks disabled
12417 ### LOGGING ###
12418 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12419 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12420--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12421+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12422 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12423 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12424 ### END LOGGING ###
12425@@ -2558,7 +2558,7 @@ WARN: Checks disabled
12426 ### LOGGING ###
12427 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12428 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12429--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12430+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12431 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12432 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12433 ### END LOGGING ###
12434@@ -2601,7 +2601,7 @@ WARN: Checks disabled
12435 ### LOGGING ###
12436 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12437 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12438--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12439+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12440 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12441 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12442 ### END LOGGING ###
12443@@ -2644,7 +2644,7 @@ WARN: Checks disabled
12444 ### LOGGING ###
12445 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12446 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12447--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12448+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12449 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12450 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12451 ### END LOGGING ###
12452@@ -2685,7 +2685,7 @@ WARN: Checks disabled
12453 ### LOGGING ###
12454 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12455 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12456--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12457+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12458 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12459 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12460 ### END LOGGING ###
12461@@ -2720,7 +2720,7 @@ WARN: Checks disabled
12462 ### LOGGING ###
12463 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12464 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12465--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12466+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12467 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12468 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12469 ### END LOGGING ###
12470@@ -2755,7 +2755,7 @@ WARN: Checks disabled
12471 ### LOGGING ###
12472 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12473 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12474--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12475+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12476 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12477 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12478 ### END LOGGING ###
12479@@ -2790,7 +2790,7 @@ WARN: Checks disabled
12480 ### LOGGING ###
12481 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12482 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12483--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12484+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12485 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12486 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12487 ### END LOGGING ###
12488@@ -2825,7 +2825,7 @@ WARN: Checks disabled
12489 ### LOGGING ###
12490 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12491 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12492--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12493+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12494 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12495 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12496 ### END LOGGING ###
12497@@ -2860,7 +2860,7 @@ WARN: Checks disabled
12498 ### LOGGING ###
12499 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12500 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12501--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12502+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12503 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12504 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12505 ### END LOGGING ###
12506@@ -2895,7 +2895,7 @@ WARN: Checks disabled
12507 ### LOGGING ###
12508 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12509 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12510--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12511+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12512 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12513 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12514 ### END LOGGING ###
12515@@ -3472,7 +3472,7 @@ WARN: Checks disabled
12516 ### LOGGING ###
12517 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12518 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12519--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12520+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12521 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12522 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12523 ### END LOGGING ###
12524@@ -3515,7 +3515,7 @@ WARN: Checks disabled
12525 ### LOGGING ###
12526 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12527 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12528--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12529+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12530 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12531 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12532 ### END LOGGING ###
12533@@ -3558,7 +3558,7 @@ WARN: Checks disabled
12534 ### LOGGING ###
12535 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12536 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12537--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12538+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12539 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12540 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12541 ### END LOGGING ###
12542@@ -3601,7 +3601,7 @@ WARN: Checks disabled
12543 ### LOGGING ###
12544 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12545 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12546--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12547+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12548 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12549 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12550 ### END LOGGING ###
12551@@ -3644,7 +3644,7 @@ WARN: Checks disabled
12552 ### LOGGING ###
12553 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12554 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12555--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12556+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12557 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12558 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12559 ### END LOGGING ###
12560@@ -3687,7 +3687,7 @@ WARN: Checks disabled
12561 ### LOGGING ###
12562 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12563 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12564--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12565+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12566 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12567 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12568 ### END LOGGING ###
12569@@ -3728,7 +3728,7 @@ WARN: Checks disabled
12570 ### LOGGING ###
12571 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12572 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12573--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12574+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12575 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12576 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12577 ### END LOGGING ###
12578@@ -3763,7 +3763,7 @@ WARN: Checks disabled
12579 ### LOGGING ###
12580 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12581 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12582--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12583+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12584 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12585 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12586 ### END LOGGING ###
12587@@ -3798,7 +3798,7 @@ WARN: Checks disabled
12588 ### LOGGING ###
12589 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12590 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12591--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12592+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12593 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12594 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12595 ### END LOGGING ###
12596@@ -3833,7 +3833,7 @@ WARN: Checks disabled
12597 ### LOGGING ###
12598 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12599 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12600--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12601+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12602 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12603 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12604 ### END LOGGING ###
12605@@ -3868,7 +3868,7 @@ WARN: Checks disabled
12606 ### LOGGING ###
12607 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12608 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12609--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12610+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12611 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12612 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12613 ### END LOGGING ###
12614@@ -3903,7 +3903,7 @@ WARN: Checks disabled
12615 ### LOGGING ###
12616 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12617 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12618--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12619+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12620 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12621 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12622 ### END LOGGING ###
12623@@ -3940,7 +3940,7 @@ WARN: Checks disabled
12624 ### LOGGING ###
12625 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12626 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12627--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12628+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12629 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12630 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12631 ### END LOGGING ###
12632@@ -3976,7 +3976,7 @@ COMMIT
12633 ### LOGGING ###
12634 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12635 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12636--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12637+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12638 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12639 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12640 ### END LOGGING ###
12641@@ -4014,7 +4014,7 @@ WARN: Checks disabled
12642 ### LOGGING ###
12643 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12644 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12645--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12646+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12647 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12648 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12649 ### END LOGGING ###
12650@@ -4050,7 +4050,7 @@ COMMIT
12651 ### LOGGING ###
12652 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12653 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12654--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12655+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12656 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12657 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12658 ### END LOGGING ###
12659@@ -4088,7 +4088,7 @@ WARN: Checks disabled
12660 ### LOGGING ###
12661 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12662 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12663--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12664+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12665 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12666 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12667 ### END LOGGING ###
12668@@ -4124,7 +4124,7 @@ COMMIT
12669 ### LOGGING ###
12670 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12671 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12672--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12673+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12674 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12675 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12676 ### END LOGGING ###
12677@@ -4162,7 +4162,7 @@ WARN: Checks disabled
12678 ### LOGGING ###
12679 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12680 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12681--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12682+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12683 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12684 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12685 ### END LOGGING ###
12686@@ -4198,7 +4198,7 @@ COMMIT
12687 ### LOGGING ###
12688 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12689 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12690--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12691+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12692 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12693 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12694 ### END LOGGING ###
12695@@ -4236,7 +4236,7 @@ WARN: Checks disabled
12696 ### LOGGING ###
12697 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12698 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12699--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12700+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12701 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12702 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12703 ### END LOGGING ###
12704@@ -4272,7 +4272,7 @@ COMMIT
12705 ### LOGGING ###
12706 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12707 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12708--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12709+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12710 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12711 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12712 ### END LOGGING ###
12713@@ -4310,7 +4310,7 @@ WARN: Checks disabled
12714 ### LOGGING ###
12715 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12716 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12717--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12718+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12719 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12720 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12721 ### END LOGGING ###
12722@@ -4346,7 +4346,7 @@ COMMIT
12723 ### LOGGING ###
12724 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12725 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12726--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12727+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12728 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12729 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12730 ### END LOGGING ###
12731@@ -4384,7 +4384,7 @@ WARN: Checks disabled
12732 ### LOGGING ###
12733 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12734 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12735--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12736+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12737 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12738 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12739 ### END LOGGING ###
12740@@ -4420,7 +4420,7 @@ COMMIT
12741 ### LOGGING ###
12742 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12743 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12744--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12745+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12746 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12747 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12748 ### END LOGGING ###
12749@@ -4458,7 +4458,7 @@ WARN: Checks disabled
12750 ### LOGGING ###
12751 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12752 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12753--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12754+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12755 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12756 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12757 ### END LOGGING ###
12758@@ -4494,7 +4494,7 @@ COMMIT
12759 ### LOGGING ###
12760 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12761 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12762--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12763+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12764 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12765 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12766 ### END LOGGING ###
12767@@ -4532,7 +4532,7 @@ WARN: Checks disabled
12768 ### LOGGING ###
12769 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12770 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12771--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12772+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12773 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12774 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12775 ### END LOGGING ###
12776@@ -4568,7 +4568,7 @@ COMMIT
12777 ### LOGGING ###
12778 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12779 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12780--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12781+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12782 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12783 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12784 ### END LOGGING ###
12785@@ -4606,7 +4606,7 @@ WARN: Checks disabled
12786 ### LOGGING ###
12787 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12788 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12789--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12790+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12791 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12792 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12793 ### END LOGGING ###
12794@@ -4642,7 +4642,7 @@ COMMIT
12795 ### LOGGING ###
12796 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12797 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12798--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12799+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12800 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12801 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12802 ### END LOGGING ###
12803@@ -4680,7 +4680,7 @@ WARN: Checks disabled
12804 ### LOGGING ###
12805 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12806 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12807--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12808+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12809 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12810 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12811 ### END LOGGING ###
12812@@ -4716,7 +4716,7 @@ COMMIT
12813 ### LOGGING ###
12814 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12815 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12816--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12817+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12818 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12819 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12820 ### END LOGGING ###
12821@@ -4754,7 +4754,7 @@ WARN: Checks disabled
12822 ### LOGGING ###
12823 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12824 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12825--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12826+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12827 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12828 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12829 ### END LOGGING ###
12830@@ -4790,7 +4790,7 @@ COMMIT
12831 ### LOGGING ###
12832 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12833 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12834--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12835+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12836 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12837 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12838 ### END LOGGING ###
12839@@ -4828,7 +4828,7 @@ WARN: Checks disabled
12840 ### LOGGING ###
12841 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12842 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12843--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12844+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12845 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12846 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12847 ### END LOGGING ###
12848@@ -4864,7 +4864,7 @@ COMMIT
12849 ### LOGGING ###
12850 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12851 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12852--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12853+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12854 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12855 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12856 ### END LOGGING ###
12857@@ -4902,7 +4902,7 @@ WARN: Checks disabled
12858 ### LOGGING ###
12859 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12860 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12861--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12862+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12863 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12864 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12865 ### END LOGGING ###
12866@@ -4938,7 +4938,7 @@ COMMIT
12867 ### LOGGING ###
12868 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12869 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12870--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12871+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12872 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12873 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12874 ### END LOGGING ###
12875@@ -4976,7 +4976,7 @@ WARN: Checks disabled
12876 ### LOGGING ###
12877 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12878 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12879--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12880+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12881 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12882 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12883 ### END LOGGING ###
12884@@ -5012,7 +5012,7 @@ COMMIT
12885 ### LOGGING ###
12886 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12887 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12888--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12889+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12890 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12891 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12892 ### END LOGGING ###
12893@@ -5050,7 +5050,7 @@ WARN: Checks disabled
12894 ### LOGGING ###
12895 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12896 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12897--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12898+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12899 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12900 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12901 ### END LOGGING ###
12902@@ -5086,7 +5086,7 @@ COMMIT
12903 ### LOGGING ###
12904 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12905 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12906--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12907+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12908 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12909 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12910 ### END LOGGING ###
12911@@ -5117,8 +5117,8 @@ WARN: Checks disabled
12912 ### RULES ###
12913
12914 ### tuple ### limit tcp 34,35 0.0.0.0/0 any 0.0.0.0/0 in
12915--A ufw-user-input -p tcp -m multiport --dports 34,35 -m state --state NEW -m recent --set
12916--A ufw-user-input -p tcp -m multiport --dports 34,35 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
12917+-A ufw-user-input -p tcp -m multiport --dports 34,35 -m conntrack --ctstate NEW -m recent --set
12918+-A ufw-user-input -p tcp -m multiport --dports 34,35 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
12919 -A ufw-user-input -p tcp -m multiport --dports 34,35 -j ufw-user-limit-accept
12920
12921 ### END RULES ###
12922@@ -5126,7 +5126,7 @@ WARN: Checks disabled
12923 ### LOGGING ###
12924 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12925 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12926--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12927+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12928 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12929 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12930 ### END LOGGING ###
12931@@ -5163,8 +5163,8 @@ WARN: Checks disabled
12932 ### RULES ###
12933
12934 ### tuple ### limit tcp 34,35:39 0.0.0.0/0 any 0.0.0.0/0 in
12935--A ufw-user-input -p tcp -m multiport --dports 34,35:39 -m state --state NEW -m recent --set
12936--A ufw-user-input -p tcp -m multiport --dports 34,35:39 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
12937+-A ufw-user-input -p tcp -m multiport --dports 34,35:39 -m conntrack --ctstate NEW -m recent --set
12938+-A ufw-user-input -p tcp -m multiport --dports 34,35:39 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
12939 -A ufw-user-input -p tcp -m multiport --dports 34,35:39 -j ufw-user-limit-accept
12940
12941 ### END RULES ###
12942@@ -5172,7 +5172,7 @@ WARN: Checks disabled
12943 ### LOGGING ###
12944 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12945 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12946--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12947+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12948 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12949 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12950 ### END LOGGING ###
12951@@ -5209,8 +5209,8 @@ WARN: Checks disabled
12952 ### RULES ###
12953
12954 ### tuple ### limit tcp 35:39 0.0.0.0/0 any 0.0.0.0/0 in
12955--A ufw-user-input -p tcp -m multiport --dports 35:39 -m state --state NEW -m recent --set
12956--A ufw-user-input -p tcp -m multiport --dports 35:39 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
12957+-A ufw-user-input -p tcp -m multiport --dports 35:39 -m conntrack --ctstate NEW -m recent --set
12958+-A ufw-user-input -p tcp -m multiport --dports 35:39 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
12959 -A ufw-user-input -p tcp -m multiport --dports 35:39 -j ufw-user-limit-accept
12960
12961 ### END RULES ###
12962@@ -5218,7 +5218,7 @@ WARN: Checks disabled
12963 ### LOGGING ###
12964 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12965 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12966--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12967+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12968 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12969 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12970 ### END LOGGING ###
12971@@ -5255,8 +5255,8 @@ WARN: Checks disabled
12972 ### RULES ###
12973
12974 ### tuple ### limit tcp 15:19,21,22,23 0.0.0.0/0 any 0.0.0.0/0 in
12975--A ufw-user-input -p tcp -m multiport --dports 15:19,21,22,23 -m state --state NEW -m recent --set
12976--A ufw-user-input -p tcp -m multiport --dports 15:19,21,22,23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
12977+-A ufw-user-input -p tcp -m multiport --dports 15:19,21,22,23 -m conntrack --ctstate NEW -m recent --set
12978+-A ufw-user-input -p tcp -m multiport --dports 15:19,21,22,23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
12979 -A ufw-user-input -p tcp -m multiport --dports 15:19,21,22,23 -j ufw-user-limit-accept
12980
12981 ### END RULES ###
12982@@ -5264,7 +5264,7 @@ WARN: Checks disabled
12983 ### LOGGING ###
12984 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12985 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12986--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12987+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
12988 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
12989 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
12990 ### END LOGGING ###
12991@@ -5301,8 +5301,8 @@ WARN: Checks disabled
12992 ### RULES ###
12993
12994 ### tuple ### limit udp 34,35 0.0.0.0/0 any 0.0.0.0/0 in
12995--A ufw-user-input -p udp -m multiport --dports 34,35 -m state --state NEW -m recent --set
12996--A ufw-user-input -p udp -m multiport --dports 34,35 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
12997+-A ufw-user-input -p udp -m multiport --dports 34,35 -m conntrack --ctstate NEW -m recent --set
12998+-A ufw-user-input -p udp -m multiport --dports 34,35 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
12999 -A ufw-user-input -p udp -m multiport --dports 34,35 -j ufw-user-limit-accept
13000
13001 ### END RULES ###
13002@@ -5310,7 +5310,7 @@ WARN: Checks disabled
13003 ### LOGGING ###
13004 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13005 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13006--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13007+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13008 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13009 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13010 ### END LOGGING ###
13011@@ -5347,8 +5347,8 @@ WARN: Checks disabled
13012 ### RULES ###
13013
13014 ### tuple ### limit udp 34,35:39 0.0.0.0/0 any 0.0.0.0/0 in
13015--A ufw-user-input -p udp -m multiport --dports 34,35:39 -m state --state NEW -m recent --set
13016--A ufw-user-input -p udp -m multiport --dports 34,35:39 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13017+-A ufw-user-input -p udp -m multiport --dports 34,35:39 -m conntrack --ctstate NEW -m recent --set
13018+-A ufw-user-input -p udp -m multiport --dports 34,35:39 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13019 -A ufw-user-input -p udp -m multiport --dports 34,35:39 -j ufw-user-limit-accept
13020
13021 ### END RULES ###
13022@@ -5356,7 +5356,7 @@ WARN: Checks disabled
13023 ### LOGGING ###
13024 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13025 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13026--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13027+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13028 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13029 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13030 ### END LOGGING ###
13031@@ -5393,8 +5393,8 @@ WARN: Checks disabled
13032 ### RULES ###
13033
13034 ### tuple ### limit udp 35:39 0.0.0.0/0 any 0.0.0.0/0 in
13035--A ufw-user-input -p udp -m multiport --dports 35:39 -m state --state NEW -m recent --set
13036--A ufw-user-input -p udp -m multiport --dports 35:39 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13037+-A ufw-user-input -p udp -m multiport --dports 35:39 -m conntrack --ctstate NEW -m recent --set
13038+-A ufw-user-input -p udp -m multiport --dports 35:39 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13039 -A ufw-user-input -p udp -m multiport --dports 35:39 -j ufw-user-limit-accept
13040
13041 ### END RULES ###
13042@@ -5402,7 +5402,7 @@ WARN: Checks disabled
13043 ### LOGGING ###
13044 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13045 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13046--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13047+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13048 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13049 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13050 ### END LOGGING ###
13051@@ -5439,8 +5439,8 @@ WARN: Checks disabled
13052 ### RULES ###
13053
13054 ### tuple ### limit udp 15:19,21,22,23 0.0.0.0/0 any 0.0.0.0/0 in
13055--A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -m state --state NEW -m recent --set
13056--A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13057+-A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -m conntrack --ctstate NEW -m recent --set
13058+-A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13059 -A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -j ufw-user-limit-accept
13060
13061 ### END RULES ###
13062@@ -5448,7 +5448,7 @@ WARN: Checks disabled
13063 ### LOGGING ###
13064 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13065 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13066--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13067+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13068 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13069 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13070 ### END LOGGING ###
13071@@ -5493,7 +5493,7 @@ WARN: Checks disabled
13072 ### LOGGING ###
13073 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13074 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13075--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13076+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13077 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13078 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13079 ### END LOGGING ###
13080@@ -5529,7 +5529,7 @@ COMMIT
13081 ### LOGGING ###
13082 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13083 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13084--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13085+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13086 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13087 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13088 ### END LOGGING ###
13089@@ -5568,7 +5568,7 @@ WARN: Checks disabled
13090 ### LOGGING ###
13091 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13092 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13093--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13094+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13095 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13096 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13097 ### END LOGGING ###
13098@@ -5604,7 +5604,7 @@ COMMIT
13099 ### LOGGING ###
13100 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13101 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13102--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13103+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13104 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13105 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13106 ### END LOGGING ###
13107@@ -5639,7 +5639,7 @@ WARN: Checks disabled
13108 ### LOGGING ###
13109 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13110 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13111--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13112+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13113 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13114 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13115 ### END LOGGING ###
13116@@ -5672,7 +5672,7 @@ COMMIT
13117 ### LOGGING ###
13118 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13119 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13120--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13121+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13122 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13123 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13124 ### END LOGGING ###
13125@@ -5710,7 +5710,7 @@ WARN: Checks disabled
13126 ### LOGGING ###
13127 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13128 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13129--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13130+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13131 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13132 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13133 ### END LOGGING ###
13134@@ -5750,7 +5750,7 @@ WARN: Checks disabled
13135 ### LOGGING ###
13136 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13137 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13138--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13139+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13140 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13141 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13142 ### END LOGGING ###
13143@@ -5794,7 +5794,7 @@ WARN: Checks disabled
13144 ### LOGGING ###
13145 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13146 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13147--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13148+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13149 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13150 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13151 ### END LOGGING ###
13152@@ -5831,7 +5831,7 @@ COMMIT
13153 ### LOGGING ###
13154 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13155 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13156--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13157+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13158 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13159 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13160 ### END LOGGING ###
13161@@ -5869,7 +5869,7 @@ WARN: Checks disabled
13162 ### LOGGING ###
13163 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13164 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13165--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13166+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13167 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13168 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13169 ### END LOGGING ###
13170@@ -5905,7 +5905,7 @@ COMMIT
13171 ### LOGGING ###
13172 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13173 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13174--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13175+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13176 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13177 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13178 ### END LOGGING ###
13179@@ -5943,7 +5943,7 @@ WARN: Checks disabled
13180 ### LOGGING ###
13181 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13182 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13183--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13184+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13185 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13186 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13187 ### END LOGGING ###
13188@@ -5979,7 +5979,7 @@ COMMIT
13189 ### LOGGING ###
13190 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13191 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13192--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13193+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13194 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13195 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13196 ### END LOGGING ###
13197@@ -6017,7 +6017,7 @@ WARN: Checks disabled
13198 ### LOGGING ###
13199 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13200 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13201--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13202+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13203 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13204 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13205 ### END LOGGING ###
13206@@ -6053,7 +6053,7 @@ COMMIT
13207 ### LOGGING ###
13208 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13209 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13210--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13211+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13212 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13213 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13214 ### END LOGGING ###
13215@@ -6091,7 +6091,7 @@ WARN: Checks disabled
13216 ### LOGGING ###
13217 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13218 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13219--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13220+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13221 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13222 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13223 ### END LOGGING ###
13224@@ -6127,7 +6127,7 @@ COMMIT
13225 ### LOGGING ###
13226 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13227 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13228--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13229+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13230 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13231 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13232 ### END LOGGING ###
13233@@ -6164,7 +6164,7 @@ WARN: Checks disabled
13234 ### LOGGING ###
13235 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13236 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13237--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13238+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13239 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13240 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13241 ### END LOGGING ###
13242@@ -6199,7 +6199,7 @@ WARN: Checks disabled
13243 ### LOGGING ###
13244 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13245 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13246--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13247+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13248 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13249 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13250 ### END LOGGING ###
13251@@ -6234,7 +6234,7 @@ WARN: Checks disabled
13252 ### LOGGING ###
13253 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13254 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13255--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13256+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13257 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13258 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13259 ### END LOGGING ###
13260@@ -6295,7 +6295,7 @@ ipv4 rule in ipv4 section
13261 ### LOGGING ###
13262 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13263 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13264--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13265+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13266 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13267 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13268 ### END LOGGING ###
13269@@ -6336,7 +6336,7 @@ COMMIT
13270 ### LOGGING ###
13271 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13272 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13273--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13274+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13275 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13276 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13277 ### END LOGGING ###
13278@@ -6380,7 +6380,7 @@ ipv6 rule in ipv6 section
13279 ### LOGGING ###
13280 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13281 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13282--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13283+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13284 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13285 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13286 ### END LOGGING ###
13287@@ -6425,7 +6425,7 @@ COMMIT
13288 ### LOGGING ###
13289 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13290 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13291--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13292+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13293 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13294 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13295 ### END LOGGING ###
13296@@ -6487,7 +6487,7 @@ ipv4 rule in ipv6 section
13297 ### LOGGING ###
13298 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13299 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13300--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13301+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13302 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13303 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13304 ### END LOGGING ###
13305@@ -6532,7 +6532,7 @@ COMMIT
13306 ### LOGGING ###
13307 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13308 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13309--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13310+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13311 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13312 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13313 ### END LOGGING ###
13314@@ -6572,11 +6572,11 @@ COMMIT
13315 -A ufw-user-input -p udp -d 127.0.0.1 --dport 23 -j ACCEPT
13316
13317 ### tuple ### allow_log any 8888 0.0.0.0/0 any 0.0.0.0/0 in
13318--A ufw-user-logging-input -p tcp --dport 8888 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13319+-A ufw-user-logging-input -p tcp --dport 8888 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13320 -A ufw-user-logging-input -p tcp --dport 8888 -j RETURN
13321 -A ufw-user-input -p tcp --dport 8888 -j ufw-user-logging-input
13322 -A ufw-user-input -p tcp --dport 8888 -j ACCEPT
13323--A ufw-user-logging-input -p udp --dport 8888 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13324+-A ufw-user-logging-input -p udp --dport 8888 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13325 -A ufw-user-logging-input -p udp --dport 8888 -j RETURN
13326 -A ufw-user-input -p udp --dport 8888 -j ufw-user-logging-input
13327 -A ufw-user-input -p udp --dport 8888 -j ACCEPT
13328@@ -6586,7 +6586,7 @@ COMMIT
13329 ### LOGGING ###
13330 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13331 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13332--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13333+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13334 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13335 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13336 ### END LOGGING ###
13337@@ -6619,11 +6619,11 @@ COMMIT
13338 -A ufw6-user-input -p udp -d ::1 --dport 24 -j ACCEPT
13339
13340 ### tuple ### allow_log any 8888 ::/0 any ::/0 in
13341--A ufw6-user-logging-input -p tcp --dport 8888 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13342+-A ufw6-user-logging-input -p tcp --dport 8888 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13343 -A ufw6-user-logging-input -p tcp --dport 8888 -j RETURN
13344 -A ufw6-user-input -p tcp --dport 8888 -j ufw6-user-logging-input
13345 -A ufw6-user-input -p tcp --dport 8888 -j ACCEPT
13346--A ufw6-user-logging-input -p udp --dport 8888 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13347+-A ufw6-user-logging-input -p udp --dport 8888 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13348 -A ufw6-user-logging-input -p udp --dport 8888 -j RETURN
13349 -A ufw6-user-input -p udp --dport 8888 -j ufw6-user-logging-input
13350 -A ufw6-user-input -p udp --dport 8888 -j ACCEPT
13351@@ -6637,7 +6637,7 @@ COMMIT
13352 ### LOGGING ###
13353 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13354 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13355--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13356+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13357 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13358 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13359 ### END LOGGING ###
13360@@ -6681,7 +6681,7 @@ COMMIT
13361 ### LOGGING ###
13362 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13363 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13364--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13365+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13366 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13367 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13368 ### END LOGGING ###
13369@@ -6714,7 +6714,7 @@ COMMIT
13370 ### LOGGING ###
13371 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13372 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13373--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13374+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13375 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13376 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13377 ### END LOGGING ###
13378@@ -6768,7 +6768,7 @@ Interfaces
13379 ### LOGGING ###
13380 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13381 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13382--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13383+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13384 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13385 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13386 ### END LOGGING ###
13387@@ -6810,7 +6810,7 @@ COMMIT
13388 ### LOGGING ###
13389 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13390 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13391--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13392+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13393 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13394 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13395 ### END LOGGING ###
13396@@ -6854,7 +6854,7 @@ COMMIT
13397 ### LOGGING ###
13398 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13399 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13400--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13401+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13402 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13403 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13404 ### END LOGGING ###
13405@@ -6887,7 +6887,7 @@ COMMIT
13406 ### LOGGING ###
13407 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13408 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13409--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13410+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13411 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13412 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13413 ### END LOGGING ###
13414@@ -6940,7 +6940,7 @@ COMMIT
13415 ### LOGGING ###
13416 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13417 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13418--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13419+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13420 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13421 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13422 ### END LOGGING ###
13423@@ -6982,7 +6982,7 @@ COMMIT
13424 ### LOGGING ###
13425 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13426 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13427--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13428+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13429 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13430 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13431 ### END LOGGING ###
13432@@ -7026,7 +7026,7 @@ COMMIT
13433 ### LOGGING ###
13434 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13435 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13436--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13437+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13438 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13439 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13440 ### END LOGGING ###
13441@@ -7059,7 +7059,7 @@ COMMIT
13442 ### LOGGING ###
13443 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13444 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13445--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13446+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13447 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13448 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13449 ### END LOGGING ###
13450@@ -7094,7 +7094,7 @@ WARN: Checks disabled
13451 ### LOGGING ###
13452 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13453 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13454--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13455+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13456 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13457 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13458 ### END LOGGING ###
13459@@ -7137,7 +7137,7 @@ WARN: Checks disabled
13460 ### LOGGING ###
13461 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13462 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13463--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13464+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13465 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13466 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13467 ### END LOGGING ###
13468@@ -7180,7 +7180,7 @@ WARN: Checks disabled
13469 ### LOGGING ###
13470 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13471 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13472--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13473+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13474 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13475 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13476 ### END LOGGING ###
13477@@ -7223,7 +7223,7 @@ WARN: Checks disabled
13478 ### LOGGING ###
13479 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13480 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13481--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13482+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13483 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13484 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13485 ### END LOGGING ###
13486@@ -7264,7 +7264,7 @@ WARN: Checks disabled
13487 ### LOGGING ###
13488 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13489 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13490--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13491+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13492 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13493 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13494 ### END LOGGING ###
13495@@ -7299,7 +7299,7 @@ WARN: Checks disabled
13496 ### LOGGING ###
13497 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13498 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13499--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13500+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13501 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13502 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13503 ### END LOGGING ###
13504@@ -7334,7 +7334,7 @@ WARN: Checks disabled
13505 ### LOGGING ###
13506 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13507 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13508--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13509+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13510 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13511 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13512 ### END LOGGING ###
13513@@ -7369,7 +7369,7 @@ WARN: Checks disabled
13514 ### LOGGING ###
13515 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13516 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13517--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13518+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13519 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13520 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13521 ### END LOGGING ###
13522@@ -7406,7 +7406,7 @@ WARN: Checks disabled
13523 ### LOGGING ###
13524 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13525 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13526--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13527+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13528 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13529 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13530 ### END LOGGING ###
13531@@ -7442,7 +7442,7 @@ COMMIT
13532 ### LOGGING ###
13533 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13534 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13535--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13536+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13537 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13538 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13539 ### END LOGGING ###
13540@@ -7480,7 +7480,7 @@ WARN: Checks disabled
13541 ### LOGGING ###
13542 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13543 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13544--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13545+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13546 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13547 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13548 ### END LOGGING ###
13549@@ -7516,7 +7516,7 @@ COMMIT
13550 ### LOGGING ###
13551 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13552 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13553--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13554+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13555 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13556 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13557 ### END LOGGING ###
13558diff --git a/tests/root/bugs/result b/tests/root/bugs/result
13559index e7ee4da..34bee1a 100644
13560--- a/tests/root/bugs/result
13561+++ b/tests/root/bugs/result
13562@@ -34,7 +34,7 @@ WARN: Checks disabled
13563 ### LOGGING ###
13564 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13565 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13566--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13567+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13568 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13569 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13570 ### END LOGGING ###
13571diff --git a/tests/root/live/result b/tests/root/live/result
13572index 78148f4..7b183c5 100644
13573--- a/tests/root/live/result
13574+++ b/tests/root/live/result
13575@@ -145,8 +145,8 @@ Anywhere ALLOW 192.168.0.0/16
13576 -A ufw-user-input -p udp -d 1.2.3.4 --dport 5469 -s 1.2.3.5 --sport 5469 -j ACCEPT
13577
13578 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
13579--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
13580--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13581+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
13582+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13583 ### tuple ### allow any 53 ::/0 any ::/0 in
13584 -A ufw6-user-input -p tcp --dport 53 -j ACCEPT
13585 -A ufw6-user-input -p udp --dport 53 -j ACCEPT
13586@@ -368,8 +368,8 @@ Anywhere ALLOW 192.168.0.0/16
13587 -A ufw-user-input -p udp -d 1.2.3.4 --dport 5469 -s 1.2.3.5 --sport 5469 -j ACCEPT
13588
13589 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
13590--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
13591--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13592+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
13593+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13594 TESTING ARGS (delete allow/deny to/from)
13595 48: delete allow 53
13596 WARN: Checks disabled
13597@@ -1057,8 +1057,8 @@ Status: active
13598 -A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 22 -j REJECT
13599 --
13600 ### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 in_eth1
13601--A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
13602--A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13603+-A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
13604+-A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13605 --
13606 ### tuple ### allow any any 192.168.0.1 any 10.0.0.1 in_eth1
13607 -A ufw-user-input -i eth1 -d 192.168.0.1 -s 10.0.0.1 -j ACCEPT
13608@@ -1072,8 +1072,8 @@ Status: active
13609 -A ufw-user-input -i eth1 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT
13610 --
13611 ### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 in_eth1
13612--A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
13613--A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13614+-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
13615+-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13616 --
13617 ### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in_eth2
13618 -A ufw-user-input -i eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
13619@@ -1082,11 +1082,11 @@ Status: active
13620 -A ufw-user-input -i eth2 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
13621
13622 ### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 in_eth0
13623--A ufw-user-logging-input -i eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13624+-A ufw-user-logging-input -i eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13625 -A ufw-user-logging-input -i eth0 -j RETURN
13626 --
13627 ### tuple ### allow_log tcp 24 10.0.0.1 any 192.168.0.1 in_eth0
13628--A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13629+-A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13630 -A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j RETURN
13631 --
13632 ### tuple ### deny_log-all tcp 25 10.0.0.1 any 192.168.0.1 in_eth0
13633@@ -1109,7 +1109,7 @@ Status: active
13634 -A ufw6-user-input -i eth2 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
13635
13636 ### tuple ### allow_log any any ::/0 any ::/0 in_eth0
13637--A ufw6-user-logging-input -i eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13638+-A ufw6-user-logging-input -i eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13639 -A ufw6-user-logging-input -i eth0 -j RETURN
13640 --
13641 ### tuple ### allow udp 137,138 ::/0 any ::/0 Samba - in_eth0
13642@@ -1312,8 +1312,8 @@ Status: active
13643 -A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 22 -j REJECT
13644 --
13645 ### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 out_eth1
13646--A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
13647--A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13648+-A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
13649+-A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13650 --
13651 ### tuple ### allow any any 192.168.0.1 any 10.0.0.1 out_eth1
13652 -A ufw-user-output -o eth1 -d 192.168.0.1 -s 10.0.0.1 -j ACCEPT
13653@@ -1327,8 +1327,8 @@ Status: active
13654 -A ufw-user-output -o eth1 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT
13655 --
13656 ### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 out_eth1
13657--A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
13658--A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13659+-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
13660+-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13661 --
13662 ### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - out_eth2
13663 -A ufw-user-output -o eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
13664@@ -1337,11 +1337,11 @@ Status: active
13665 -A ufw-user-output -o eth2 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
13666
13667 ### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 out_eth0
13668--A ufw-user-logging-output -o eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13669+-A ufw-user-logging-output -o eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13670 -A ufw-user-logging-output -o eth0 -j RETURN
13671 --
13672 ### tuple ### allow_log tcp 24 10.0.0.1 any 192.168.0.1 out_eth0
13673--A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13674+-A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13675 -A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j RETURN
13676 --
13677 ### tuple ### deny_log-all tcp 25 10.0.0.1 any 192.168.0.1 out_eth0
13678@@ -1364,7 +1364,7 @@ Status: active
13679 -A ufw6-user-output -o eth2 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
13680
13681 ### tuple ### allow_log any any ::/0 any ::/0 out_eth0
13682--A ufw6-user-logging-output -o eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13683+-A ufw6-user-logging-output -o eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13684 -A ufw6-user-logging-output -o eth0 -j RETURN
13685 --
13686 ### tuple ### allow udp 137,138 ::/0 any ::/0 Samba - out_eth0
13687@@ -1556,8 +1556,8 @@ Status: active
13688 -A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 22 -j REJECT
13689 --
13690 ### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 in_eth1
13691--A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
13692--A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13693+-A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
13694+-A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13695 --
13696 ### tuple ### allow any any 192.168.0.1 any 10.0.0.1 in_eth1
13697 -A ufw-user-input -i eth1 -d 192.168.0.1 -s 10.0.0.1 -j ACCEPT
13698@@ -1571,8 +1571,8 @@ Status: active
13699 -A ufw-user-input -i eth1 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT
13700 --
13701 ### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 in_eth1
13702--A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
13703--A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13704+-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
13705+-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13706 --
13707 ### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in_eth2
13708 -A ufw-user-input -i eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
13709@@ -1581,11 +1581,11 @@ Status: active
13710 -A ufw-user-input -i eth2 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
13711
13712 ### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 in_eth0
13713--A ufw-user-logging-input -i eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13714+-A ufw-user-logging-input -i eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13715 -A ufw-user-logging-input -i eth0 -j RETURN
13716 --
13717 ### tuple ### allow_log tcp 24 10.0.0.1 any 192.168.0.1 in_eth0
13718--A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13719+-A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13720 -A ufw-user-logging-input -i eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j RETURN
13721 --
13722 ### tuple ### deny_log-all tcp 25 10.0.0.1 any 192.168.0.1 in_eth0
13723@@ -1777,8 +1777,8 @@ Status: active
13724 -A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 22 -j REJECT
13725 --
13726 ### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 out_eth1
13727--A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
13728--A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13729+-A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
13730+-A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13731 --
13732 ### tuple ### allow any any 192.168.0.1 any 10.0.0.1 out_eth1
13733 -A ufw-user-output -o eth1 -d 192.168.0.1 -s 10.0.0.1 -j ACCEPT
13734@@ -1792,8 +1792,8 @@ Status: active
13735 -A ufw-user-output -o eth1 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT
13736 --
13737 ### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 out_eth1
13738--A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --set
13739--A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13740+-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
13741+-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
13742 --
13743 ### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - out_eth2
13744 -A ufw-user-output -o eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
13745@@ -1802,11 +1802,11 @@ Status: active
13746 -A ufw-user-output -o eth2 -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
13747
13748 ### tuple ### allow_log any any 0.0.0.0/0 any 0.0.0.0/0 out_eth0
13749--A ufw-user-logging-output -o eth0 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13750+-A ufw-user-logging-output -o eth0 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13751 -A ufw-user-logging-output -o eth0 -j RETURN
13752 --
13753 ### tuple ### allow_log tcp 24 10.0.0.1 any 192.168.0.1 out_eth0
13754--A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13755+-A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13756 -A ufw-user-logging-output -o eth0 -p tcp -d 10.0.0.1 --dport 24 -s 192.168.0.1 -j RETURN
13757 --
13758 ### tuple ### deny_log-all tcp 25 10.0.0.1 any 192.168.0.1 out_eth0
13759diff --git a/tests/root/live_apps/result b/tests/root/live_apps/result
13760index c0aa6e2..cb97ffb 100644
13761--- a/tests/root/live_apps/result
13762+++ b/tests/root/live_apps/result
13763@@ -1235,7 +1235,7 @@ Rule inserted
13764 ### LOGGING ###
13765 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13766 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13767--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13768+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13769 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13770 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13771 ### END LOGGING ###
13772@@ -1318,7 +1318,7 @@ Rule deleted
13773 ### LOGGING ###
13774 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13775 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13776--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13777+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13778 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13779 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13780 ### END LOGGING ###
13781@@ -1444,7 +1444,7 @@ Rule inserted
13782 ### LOGGING ###
13783 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13784 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13785--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13786+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13787 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13788 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13789 ### END LOGGING ###
13790@@ -1543,7 +1543,7 @@ Rule deleted
13791 ### LOGGING ###
13792 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13793 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13794--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13795+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13796 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13797 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13798 ### END LOGGING ###
13799@@ -1647,7 +1647,7 @@ Rule inserted (v6)
13800 ### LOGGING ###
13801 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13802 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13803--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13804+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13805 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13806 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13807 ### END LOGGING ###
13808@@ -1696,7 +1696,7 @@ COMMIT
13809 ### LOGGING ###
13810 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13811 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13812--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13813+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13814 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13815 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13816 ### END LOGGING ###
13817@@ -1755,7 +1755,7 @@ Rule deleted (v6)
13818 ### LOGGING ###
13819 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13820 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13821--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13822+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13823 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13824 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13825 ### END LOGGING ###
13826@@ -1788,7 +1788,7 @@ COMMIT
13827 ### LOGGING ###
13828 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13829 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13830--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13831+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13832 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13833 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13834 ### END LOGGING ###
13835@@ -1889,7 +1889,7 @@ Rule inserted
13836 ### LOGGING ###
13837 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13838 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13839--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13840+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13841 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13842 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13843 ### END LOGGING ###
13844@@ -1932,7 +1932,7 @@ COMMIT
13845 ### LOGGING ###
13846 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13847 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13848--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13849+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13850 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13851 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13852 ### END LOGGING ###
13853@@ -2005,7 +2005,7 @@ Rule deleted
13854 ### LOGGING ###
13855 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13856 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13857--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13858+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13859 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13860 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13861 ### END LOGGING ###
13862@@ -2038,7 +2038,7 @@ COMMIT
13863 ### LOGGING ###
13864 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13865 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13866--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13867+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13868 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13869 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13870 ### END LOGGING ###
13871@@ -2173,23 +2173,23 @@ Samba on eth0 LIMIT 10.0.0.1
13872
13873
13874 ### tuple ### limit udp 137,138 192.168.0.1 any 0.0.0.0/0 Samba - in_eth0
13875--A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
13876--A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13877+-A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
13878+-A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13879 -A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
13880 --
13881 ### tuple ### limit tcp 139,445 192.168.0.1 any 0.0.0.0/0 Samba - in_eth0
13882--A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
13883--A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13884+-A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
13885+-A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13886 -A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
13887 --
13888 ### tuple ### limit udp 137,138 0.0.0.0/0 any 10.0.0.1 Samba - in_eth0
13889--A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
13890--A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13891+-A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
13892+-A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13893 -A ufw-user-input -i eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
13894 --
13895 ### tuple ### limit tcp 139,445 0.0.0.0/0 any 10.0.0.1 Samba - in_eth0
13896--A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
13897--A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13898+-A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
13899+-A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13900 -A ufw-user-input -i eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
13901 225: delete limit in on eth0 to 192.168.0.1 app Samba
13902 WARN: Checks disabled
13903@@ -2447,23 +2447,23 @@ Samba LIMIT OUT 10.0.0.1 on eth0
13904
13905
13906 ### tuple ### limit udp 137,138 192.168.0.1 any 0.0.0.0/0 Samba - out_eth0
13907--A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
13908--A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13909+-A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
13910+-A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13911 -A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -d 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
13912 --
13913 ### tuple ### limit tcp 139,445 192.168.0.1 any 0.0.0.0/0 Samba - out_eth0
13914--A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
13915--A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13916+-A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
13917+-A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13918 -A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -d 192.168.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
13919 --
13920 ### tuple ### limit udp 137,138 0.0.0.0/0 any 10.0.0.1 Samba - out_eth0
13921--A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
13922--A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13923+-A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
13924+-A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13925 -A ufw-user-output -o eth0 -p udp -m multiport --dports 137,138 -s 10.0.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
13926 --
13927 ### tuple ### limit tcp 139,445 0.0.0.0/0 any 10.0.0.1 Samba - out_eth0
13928--A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
13929--A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13930+-A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
13931+-A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
13932 -A ufw-user-output -o eth0 -p tcp -m multiport --dports 139,445 -s 10.0.0.1 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
13933 259: delete limit out on eth0 to 192.168.0.1 app Samba
13934 WARN: Checks disabled
13935diff --git a/tests/root/logging/result b/tests/root/logging/result
13936index bbcc434..583ec46 100644
13937--- a/tests/root/logging/result
13938+++ b/tests/root/logging/result
13939@@ -35,23 +35,23 @@ contents of user*.rules:
13940 ### RULES ###
13941
13942 ### tuple ### allow_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
13943--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13944+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13945 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
13946 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
13947 -A ufw-user-input -p tcp --dport 23 -j ACCEPT
13948--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13949+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13950 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
13951 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
13952 -A ufw-user-input -p udp --dport 23 -j ACCEPT
13953
13954 ### tuple ### allow_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
13955--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13956+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13957 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
13958 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
13959 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
13960
13961 ### tuple ### allow_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
13962--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13963+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13964 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
13965 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
13966 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
13967@@ -61,7 +61,7 @@ contents of user*.rules:
13968 ### LOGGING ###
13969 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13970 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13971--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13972+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
13973 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
13974 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
13975 ### END LOGGING ###
13976@@ -90,29 +90,29 @@ COMMIT
13977 ### RULES ###
13978
13979 ### tuple ### allow_log any 23 ::/0 any ::/0 in
13980--A ufw6-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13981+-A ufw6-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13982 -A ufw6-user-logging-input -p tcp --dport 23 -j RETURN
13983 -A ufw6-user-input -p tcp --dport 23 -j ufw6-user-logging-input
13984 -A ufw6-user-input -p tcp --dport 23 -j ACCEPT
13985--A ufw6-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13986+-A ufw6-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13987 -A ufw6-user-logging-input -p udp --dport 23 -j RETURN
13988 -A ufw6-user-input -p udp --dport 23 -j ufw6-user-logging-input
13989 -A ufw6-user-input -p udp --dport 23 -j ACCEPT
13990
13991 ### tuple ### allow_log udp 137,138 ::/0 any ::/0 Samba - in
13992--A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13993+-A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
13994 -A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
13995 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j ufw6-user-logging-input
13996 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
13997
13998 ### tuple ### allow_log tcp 139,445 ::/0 any ::/0 Samba - in
13999--A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
14000+-A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
14001 -A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
14002 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ufw6-user-logging-input
14003 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
14004
14005 ### tuple ### allow_log tcp 25 2001:db8:3:4:5:6:7:8 any 2001:db8::/32 in
14006--A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
14007+-A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] "
14008 -A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j RETURN
14009 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j ufw6-user-logging-input
14010 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j ACCEPT
14011@@ -122,7 +122,7 @@ COMMIT
14012 ### LOGGING ###
14013 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14014 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14015--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14016+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14017 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14018 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14019 ### END LOGGING ###
14020@@ -167,7 +167,7 @@ contents of user*.rules:
14021 ### LOGGING ###
14022 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14023 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14024--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14025+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14026 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14027 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14028 ### END LOGGING ###
14029@@ -200,7 +200,7 @@ COMMIT
14030 ### LOGGING ###
14031 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14032 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14033--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14034+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14035 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14036 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14037 ### END LOGGING ###
14038@@ -261,7 +261,7 @@ contents of user*.rules:
14039 ### LOGGING ###
14040 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14041 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14042--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14043+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14044 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14045 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14046 ### END LOGGING ###
14047@@ -322,7 +322,7 @@ COMMIT
14048 ### LOGGING ###
14049 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14050 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14051--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14052+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14053 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14054 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14055 ### END LOGGING ###
14056@@ -367,7 +367,7 @@ contents of user*.rules:
14057 ### LOGGING ###
14058 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14059 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14060--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14061+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14062 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14063 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14064 ### END LOGGING ###
14065@@ -400,7 +400,7 @@ COMMIT
14066 ### LOGGING ###
14067 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14068 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14069--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14070+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14071 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14072 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14073 ### END LOGGING ###
14074@@ -435,23 +435,23 @@ contents of user*.rules:
14075 ### RULES ###
14076
14077 ### tuple ### deny_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
14078--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14079+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14080 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
14081 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
14082 -A ufw-user-input -p tcp --dport 23 -j DROP
14083--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14084+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14085 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
14086 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
14087 -A ufw-user-input -p udp --dport 23 -j DROP
14088
14089 ### tuple ### deny_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
14090--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14091+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14092 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
14093 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
14094 -A ufw-user-input -p udp -m multiport --dports 137,138 -j DROP -m comment --comment 'dapp_Samba'
14095
14096 ### tuple ### deny_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
14097--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14098+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14099 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
14100 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
14101 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j DROP -m comment --comment 'dapp_Samba'
14102@@ -461,7 +461,7 @@ contents of user*.rules:
14103 ### LOGGING ###
14104 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14105 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14106--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14107+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14108 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14109 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14110 ### END LOGGING ###
14111@@ -490,29 +490,29 @@ COMMIT
14112 ### RULES ###
14113
14114 ### tuple ### deny_log any 23 ::/0 any ::/0 in
14115--A ufw6-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14116+-A ufw6-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14117 -A ufw6-user-logging-input -p tcp --dport 23 -j RETURN
14118 -A ufw6-user-input -p tcp --dport 23 -j ufw6-user-logging-input
14119 -A ufw6-user-input -p tcp --dport 23 -j DROP
14120--A ufw6-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14121+-A ufw6-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14122 -A ufw6-user-logging-input -p udp --dport 23 -j RETURN
14123 -A ufw6-user-input -p udp --dport 23 -j ufw6-user-logging-input
14124 -A ufw6-user-input -p udp --dport 23 -j DROP
14125
14126 ### tuple ### deny_log udp 137,138 ::/0 any ::/0 Samba - in
14127--A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14128+-A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14129 -A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
14130 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j ufw6-user-logging-input
14131 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j DROP -m comment --comment 'dapp_Samba'
14132
14133 ### tuple ### deny_log tcp 139,445 ::/0 any ::/0 Samba - in
14134--A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14135+-A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14136 -A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
14137 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ufw6-user-logging-input
14138 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j DROP -m comment --comment 'dapp_Samba'
14139
14140 ### tuple ### deny_log tcp 25 2001:db8:3:4:5:6:7:8 any 2001:db8::/32 in
14141--A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14142+-A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14143 -A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j RETURN
14144 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j ufw6-user-logging-input
14145 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j DROP
14146@@ -522,7 +522,7 @@ COMMIT
14147 ### LOGGING ###
14148 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14149 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14150--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14151+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14152 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14153 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14154 ### END LOGGING ###
14155@@ -567,7 +567,7 @@ contents of user*.rules:
14156 ### LOGGING ###
14157 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14158 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14159--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14160+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14161 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14162 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14163 ### END LOGGING ###
14164@@ -600,7 +600,7 @@ COMMIT
14165 ### LOGGING ###
14166 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14167 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14168--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14169+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14170 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14171 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14172 ### END LOGGING ###
14173@@ -661,7 +661,7 @@ contents of user*.rules:
14174 ### LOGGING ###
14175 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14176 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14177--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14178+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14179 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14180 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14181 ### END LOGGING ###
14182@@ -722,7 +722,7 @@ COMMIT
14183 ### LOGGING ###
14184 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14185 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14186--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14187+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14188 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14189 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14190 ### END LOGGING ###
14191@@ -767,7 +767,7 @@ contents of user*.rules:
14192 ### LOGGING ###
14193 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14194 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14195--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14196+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14197 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14198 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14199 ### END LOGGING ###
14200@@ -800,7 +800,7 @@ COMMIT
14201 ### LOGGING ###
14202 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14203 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14204--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14205+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14206 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14207 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14208 ### END LOGGING ###
14209@@ -835,33 +835,33 @@ contents of user*.rules:
14210 ### RULES ###
14211
14212 ### tuple ### limit_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
14213--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
14214+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
14215 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
14216 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
14217--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --set
14218--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14219+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --set
14220+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14221 -A ufw-user-input -p tcp --dport 23 -j ufw-user-limit-accept
14222--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
14223+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
14224 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
14225 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
14226--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --set
14227--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14228+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --set
14229+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14230 -A ufw-user-input -p udp --dport 23 -j ufw-user-limit-accept
14231
14232 ### tuple ### limit_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
14233--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
14234+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
14235 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
14236 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
14237--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
14238--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
14239+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
14240+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
14241 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
14242
14243 ### tuple ### limit_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
14244--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
14245+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
14246 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
14247 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
14248--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
14249--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
14250+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
14251+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
14252 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
14253
14254 ### END RULES ###
14255@@ -869,7 +869,7 @@ contents of user*.rules:
14256 ### LOGGING ###
14257 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14258 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14259--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14260+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14261 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14262 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14263 ### END LOGGING ###
14264@@ -902,7 +902,7 @@ COMMIT
14265 ### LOGGING ###
14266 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14267 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14268--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14269+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14270 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14271 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14272 ### END LOGGING ###
14273@@ -947,7 +947,7 @@ contents of user*.rules:
14274 ### LOGGING ###
14275 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14276 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14277--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14278+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14279 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14280 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14281 ### END LOGGING ###
14282@@ -980,7 +980,7 @@ COMMIT
14283 ### LOGGING ###
14284 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14285 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14286--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14287+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14288 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14289 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14290 ### END LOGGING ###
14291@@ -1018,30 +1018,30 @@ contents of user*.rules:
14292 -A ufw-user-logging-input -p tcp --dport 23 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
14293 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
14294 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
14295--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --set
14296--A ufw-user-input -p tcp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14297+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --set
14298+-A ufw-user-input -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14299 -A ufw-user-input -p tcp --dport 23 -j ufw-user-limit-accept
14300 -A ufw-user-logging-input -p udp --dport 23 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
14301 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
14302 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
14303--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --set
14304--A ufw-user-input -p udp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14305+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --set
14306+-A ufw-user-input -p udp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14307 -A ufw-user-input -p udp --dport 23 -j ufw-user-limit-accept
14308
14309 ### tuple ### limit_log-all udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
14310 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
14311 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
14312 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
14313--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
14314--A ufw-user-input -p udp -m multiport --dports 137,138 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
14315+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
14316+-A ufw-user-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
14317 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
14318
14319 ### tuple ### limit_log-all tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
14320 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW LIMIT] "
14321 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
14322 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
14323--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --set -m comment --comment 'dapp_Samba'
14324--A ufw-user-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
14325+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --set -m comment --comment 'dapp_Samba'
14326+-A ufw-user-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit -m comment --comment 'dapp_Samba'
14327 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-limit-accept -m comment --comment 'dapp_Samba'
14328
14329 ### END RULES ###
14330@@ -1049,7 +1049,7 @@ contents of user*.rules:
14331 ### LOGGING ###
14332 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14333 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14334--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14335+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14336 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14337 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14338 ### END LOGGING ###
14339@@ -1082,7 +1082,7 @@ COMMIT
14340 ### LOGGING ###
14341 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14342 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14343--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14344+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14345 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14346 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14347 ### END LOGGING ###
14348@@ -1127,7 +1127,7 @@ contents of user*.rules:
14349 ### LOGGING ###
14350 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14351 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14352--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14353+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14354 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14355 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14356 ### END LOGGING ###
14357@@ -1160,7 +1160,7 @@ COMMIT
14358 ### LOGGING ###
14359 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14360 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14361--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14362+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14363 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14364 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14365 ### END LOGGING ###
14366@@ -1195,23 +1195,23 @@ contents of user*.rules:
14367 ### RULES ###
14368
14369 ### tuple ### reject_log any 23 0.0.0.0/0 any 0.0.0.0/0 in
14370--A ufw-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14371+-A ufw-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14372 -A ufw-user-logging-input -p tcp --dport 23 -j RETURN
14373 -A ufw-user-input -p tcp --dport 23 -j ufw-user-logging-input
14374 -A ufw-user-input -p tcp --dport 23 -j REJECT --reject-with tcp-reset
14375--A ufw-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14376+-A ufw-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14377 -A ufw-user-logging-input -p udp --dport 23 -j RETURN
14378 -A ufw-user-input -p udp --dport 23 -j ufw-user-logging-input
14379 -A ufw-user-input -p udp --dport 23 -j REJECT
14380
14381 ### tuple ### reject_log udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in
14382--A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14383+-A ufw-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14384 -A ufw-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
14385 -A ufw-user-input -p udp -m multiport --dports 137,138 -j ufw-user-logging-input
14386 -A ufw-user-input -p udp -m multiport --dports 137,138 -j REJECT -m comment --comment 'dapp_Samba'
14387
14388 ### tuple ### reject_log tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
14389--A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14390+-A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14391 -A ufw-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
14392 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ufw-user-logging-input
14393 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j REJECT --reject-with tcp-reset -m comment --comment 'dapp_Samba'
14394@@ -1221,7 +1221,7 @@ contents of user*.rules:
14395 ### LOGGING ###
14396 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14397 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14398--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14399+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14400 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14401 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14402 ### END LOGGING ###
14403@@ -1250,29 +1250,29 @@ COMMIT
14404 ### RULES ###
14405
14406 ### tuple ### reject_log any 23 ::/0 any ::/0 in
14407--A ufw6-user-logging-input -p tcp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14408+-A ufw6-user-logging-input -p tcp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14409 -A ufw6-user-logging-input -p tcp --dport 23 -j RETURN
14410 -A ufw6-user-input -p tcp --dport 23 -j ufw6-user-logging-input
14411 -A ufw6-user-input -p tcp --dport 23 -j REJECT --reject-with tcp-reset
14412--A ufw6-user-logging-input -p udp --dport 23 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14413+-A ufw6-user-logging-input -p udp --dport 23 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14414 -A ufw6-user-logging-input -p udp --dport 23 -j RETURN
14415 -A ufw6-user-input -p udp --dport 23 -j ufw6-user-logging-input
14416 -A ufw6-user-input -p udp --dport 23 -j REJECT
14417
14418 ### tuple ### reject_log udp 137,138 ::/0 any ::/0 Samba - in
14419--A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14420+-A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14421 -A ufw6-user-logging-input -p udp -m multiport --dports 137,138 -j RETURN
14422 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j ufw6-user-logging-input
14423 -A ufw6-user-input -p udp -m multiport --dports 137,138 -j REJECT -m comment --comment 'dapp_Samba'
14424
14425 ### tuple ### reject_log tcp 139,445 ::/0 any ::/0 Samba - in
14426--A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14427+-A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14428 -A ufw6-user-logging-input -p tcp -m multiport --dports 139,445 -j RETURN
14429 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ufw6-user-logging-input
14430 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j REJECT --reject-with tcp-reset -m comment --comment 'dapp_Samba'
14431
14432 ### tuple ### reject_log tcp 25 2001:db8:3:4:5:6:7:8 any 2001:db8::/32 in
14433--A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m state --state NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14434+-A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW BLOCK] "
14435 -A ufw6-user-logging-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j RETURN
14436 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j ufw6-user-logging-input
14437 -A ufw6-user-input -p tcp -d 2001:db8:3:4:5:6:7:8 --dport 25 -s 2001:db8::/32 -j REJECT --reject-with tcp-reset
14438@@ -1282,7 +1282,7 @@ COMMIT
14439 ### LOGGING ###
14440 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14441 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14442--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14443+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14444 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14445 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14446 ### END LOGGING ###
14447@@ -1327,7 +1327,7 @@ contents of user*.rules:
14448 ### LOGGING ###
14449 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14450 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14451--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14452+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14453 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14454 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14455 ### END LOGGING ###
14456@@ -1360,7 +1360,7 @@ COMMIT
14457 ### LOGGING ###
14458 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14459 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14460--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14461+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14462 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14463 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14464 ### END LOGGING ###
14465@@ -1421,7 +1421,7 @@ contents of user*.rules:
14466 ### LOGGING ###
14467 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14468 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14469--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14470+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14471 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14472 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14473 ### END LOGGING ###
14474@@ -1482,7 +1482,7 @@ COMMIT
14475 ### LOGGING ###
14476 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14477 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14478--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14479+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14480 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14481 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14482 ### END LOGGING ###
14483@@ -1527,7 +1527,7 @@ contents of user*.rules:
14484 ### LOGGING ###
14485 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14486 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14487--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14488+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14489 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14490 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14491 ### END LOGGING ###
14492@@ -1560,7 +1560,7 @@ COMMIT
14493 ### LOGGING ###
14494 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14495 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14496--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14497+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14498 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14499 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14500 ### END LOGGING ###
14501@@ -1590,7 +1590,7 @@ contents of user*.rules:
14502 ### LOGGING ###
14503 -A ufw-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14504 -A ufw-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14505--I ufw-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14506+-I ufw-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14507 -A ufw-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14508 -A ufw-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14509 ### END LOGGING ###
14510@@ -1623,7 +1623,7 @@ COMMIT
14511 ### LOGGING ###
14512 -A ufw6-after-logging-input -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14513 -A ufw6-after-logging-forward -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14514--I ufw6-logging-deny -m state --state INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14515+-I ufw6-logging-deny -m conntrack --ctstate INVALID -j RETURN -m limit --limit 3/min --limit-burst 10
14516 -A ufw6-logging-deny -j LOG --log-prefix "[UFW BLOCK] " -m limit --limit 3/min --limit-burst 10
14517 -A ufw6-logging-allow -j LOG --log-prefix "[UFW ALLOW] " -m limit --limit 3/min --limit-burst 10
14518 ### END LOGGING ###
14519diff --git a/tests/root/valid/result b/tests/root/valid/result
14520index 3a493da..320a728 100644
14521--- a/tests/root/valid/result
14522+++ b/tests/root/valid/result
14523@@ -234,8 +234,8 @@ Rules updated
14524 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
14525
14526 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
14527--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
14528--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14529+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
14530+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14531 27: deny 53
14532 WARN: Checks disabled
14533 Rules updated
14534@@ -255,8 +255,8 @@ Rules updated
14535 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
14536
14537 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
14538--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
14539--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14540+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
14541+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14542 28: allow 80/tcp
14543 WARN: Checks disabled
14544 Rules updated
14545@@ -276,8 +276,8 @@ Rules updated
14546 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
14547
14548 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
14549--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
14550--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14551+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
14552+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14553 29: allow from 10.0.0.0/8
14554 WARN: Checks disabled
14555 Rules updated
14556@@ -297,8 +297,8 @@ Rules updated
14557 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
14558
14559 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
14560--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
14561--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14562+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
14563+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14564 --
14565 ### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
14566 -A ufw-user-input -s 10.0.0.0/8 -j ACCEPT
14567@@ -322,8 +322,8 @@ Rules updated
14568 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
14569
14570 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
14571--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
14572--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14573+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
14574+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14575 --
14576 ### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
14577 -A ufw-user-input -s 10.0.0.0/8 -j ACCEPT
14578@@ -350,8 +350,8 @@ Rules updated
14579 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
14580
14581 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
14582--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
14583--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14584+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
14585+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14586 --
14587 ### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
14588 -A ufw-user-input -s 10.0.0.0/8 -j ACCEPT
14589@@ -381,8 +381,8 @@ Rules updated
14590 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
14591
14592 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
14593--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
14594--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14595+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
14596+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14597 --
14598 ### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
14599 -A ufw-user-input -s 10.0.0.0/8 -j ACCEPT
14600@@ -415,8 +415,8 @@ Rules updated
14601 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
14602
14603 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
14604--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
14605--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14606+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
14607+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14608 --
14609 ### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
14610 -A ufw-user-input -s 10.0.0.0/8 -j ACCEPT
14611@@ -452,8 +452,8 @@ Rules updated
14612 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
14613
14614 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
14615--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
14616--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14617+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
14618+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14619 --
14620 ### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
14621 -A ufw-user-input -s 10.0.0.0/8 -j ACCEPT
14622@@ -1173,8 +1173,8 @@ Rules updated
14623
14624
14625 ### tuple ### limit any any 0.0.0.0/0 any 192.168.0.1 in
14626--A ufw-user-input -s 192.168.0.1 -m state --state NEW -m recent --set
14627--A ufw-user-input -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14628+-A ufw-user-input -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set
14629+-A ufw-user-input -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14630 -A ufw-user-input -s 192.168.0.1 -j ufw-user-limit-accept
14631
14632 ### END RULES ###
14633@@ -1189,8 +1189,8 @@ Rules updated
14634
14635
14636 ### tuple ### limit any any 10.0.0.1 any 0.0.0.0/0 in
14637--A ufw-user-input -d 10.0.0.1 -m state --state NEW -m recent --set
14638--A ufw-user-input -d 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14639+-A ufw-user-input -d 10.0.0.1 -m conntrack --ctstate NEW -m recent --set
14640+-A ufw-user-input -d 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14641 -A ufw-user-input -d 10.0.0.1 -j ufw-user-limit-accept
14642
14643 ### END RULES ###
14644@@ -1205,8 +1205,8 @@ Rules updated
14645
14646
14647 ### tuple ### limit any any 10.0.0.1 any 192.168.0.1 in
14648--A ufw-user-input -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m recent --set
14649--A ufw-user-input -d 10.0.0.1 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14650+-A ufw-user-input -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set
14651+-A ufw-user-input -d 10.0.0.1 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14652 -A ufw-user-input -d 10.0.0.1 -s 192.168.0.1 -j ufw-user-limit-accept
14653
14654 ### END RULES ###
14655@@ -1221,11 +1221,11 @@ Rules updated
14656
14657
14658 ### tuple ### limit any any 0.0.0.0/0 80 192.168.0.1 in
14659--A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
14660--A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14661+-A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
14662+-A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14663 -A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
14664--A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
14665--A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14666+-A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
14667+-A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14668 151: delete limit from 192.168.0.1 port 80
14669 WARN: Checks disabled
14670 Rules updated
14671@@ -1237,11 +1237,11 @@ Rules updated
14672
14673
14674 ### tuple ### limit any 25 10.0.0.1 any 0.0.0.0/0 in
14675--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --set
14676--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14677+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --set
14678+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14679 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -j ufw-user-limit-accept
14680--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --set
14681--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14682+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --set
14683+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14684 153: delete limit to 10.0.0.1 port 25
14685 WARN: Checks disabled
14686 Rules updated
14687@@ -1253,11 +1253,11 @@ Rules updated
14688
14689
14690 ### tuple ### limit any any 10.0.0.1 80 192.168.0.1 in
14691--A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
14692--A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14693+-A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
14694+-A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14695 -A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
14696--A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
14697--A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14698+-A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
14699+-A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14700 155: delete limit to 10.0.0.1 from 192.168.0.1 port 80
14701 WARN: Checks disabled
14702 Rules updated
14703@@ -1269,11 +1269,11 @@ Rules updated
14704
14705
14706 ### tuple ### limit any 25 10.0.0.1 any 192.168.0.1 in
14707--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --set
14708--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14709+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set
14710+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14711 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -j ufw-user-limit-accept
14712--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --set
14713--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14714+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set
14715+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14716 157: delete limit to 10.0.0.1 port 25 from 192.168.0.1
14717 WARN: Checks disabled
14718 Rules updated
14719@@ -1285,11 +1285,11 @@ Rules updated
14720
14721
14722 ### tuple ### limit any 25 10.0.0.1 80 192.168.0.1 in
14723--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
14724--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14725+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
14726+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14727 -A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -j ufw-user-limit-accept
14728--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
14729--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14730+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
14731+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14732 159: delete limit to 10.0.0.1 port 25 from 192.168.0.1 port 80
14733 WARN: Checks disabled
14734 Rules updated
14735@@ -1301,8 +1301,8 @@ Rules updated
14736
14737
14738 ### tuple ### limit udp any 0.0.0.0/0 80 192.168.0.1 in
14739--A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
14740--A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14741+-A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
14742+-A ufw-user-input -p udp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14743 161: delete limit from 192.168.0.1 port 80 proto udp
14744 WARN: Checks disabled
14745 Rules updated
14746@@ -1314,8 +1314,8 @@ Rules updated
14747
14748
14749 ### tuple ### limit udp 25 10.0.0.1 any 0.0.0.0/0 in
14750--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --set
14751--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14752+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --set
14753+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14754 163: delete limit to 10.0.0.1 port 25 proto udp
14755 WARN: Checks disabled
14756 Rules updated
14757@@ -1327,8 +1327,8 @@ Rules updated
14758
14759
14760 ### tuple ### limit udp any 10.0.0.1 80 192.168.0.1 in
14761--A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
14762--A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14763+-A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
14764+-A ufw-user-input -p udp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14765 165: delete limit to 10.0.0.1 from 192.168.0.1 port 80 proto udp
14766 WARN: Checks disabled
14767 Rules updated
14768@@ -1340,8 +1340,8 @@ Rules updated
14769
14770
14771 ### tuple ### limit udp 25 10.0.0.1 any 192.168.0.1 in
14772--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --set
14773--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14774+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set
14775+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14776 167: delete limit to 10.0.0.1 port 25 proto udp from 192.168.0.1
14777 WARN: Checks disabled
14778 Rules updated
14779@@ -1353,8 +1353,8 @@ Rules updated
14780
14781
14782 ### tuple ### limit udp 25 10.0.0.1 80 192.168.0.1 in
14783--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
14784--A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14785+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
14786+-A ufw-user-input -p udp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14787 169: delete limit to 10.0.0.1 port 25 proto udp from 192.168.0.1 port 80
14788 WARN: Checks disabled
14789 Rules updated
14790@@ -1366,8 +1366,8 @@ Rules updated
14791
14792
14793 ### tuple ### limit tcp any 0.0.0.0/0 80 192.168.0.1 in
14794--A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
14795--A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14796+-A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
14797+-A ufw-user-input -p tcp -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14798 171: delete limit from 192.168.0.1 port 80 proto tcp
14799 WARN: Checks disabled
14800 Rules updated
14801@@ -1379,8 +1379,8 @@ Rules updated
14802
14803
14804 ### tuple ### limit tcp 25 10.0.0.1 any 0.0.0.0/0 in
14805--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --set
14806--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14807+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --set
14808+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14809 173: delete limit to 10.0.0.1 port 25 proto tcp
14810 WARN: Checks disabled
14811 Rules updated
14812@@ -1392,8 +1392,8 @@ Rules updated
14813
14814
14815 ### tuple ### limit tcp any 10.0.0.1 80 192.168.0.1 in
14816--A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
14817--A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14818+-A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
14819+-A ufw-user-input -p tcp -d 10.0.0.1 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14820 175: delete limit to 10.0.0.1 from 192.168.0.1 port 80 proto tcp
14821 WARN: Checks disabled
14822 Rules updated
14823@@ -1405,8 +1405,8 @@ Rules updated
14824
14825
14826 ### tuple ### limit tcp 25 10.0.0.1 any 192.168.0.1 in
14827--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --set
14828--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14829+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --set
14830+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14831 177: delete limit to 10.0.0.1 port 25 proto tcp from 192.168.0.1
14832 WARN: Checks disabled
14833 Rules updated
14834@@ -1418,8 +1418,8 @@ Rules updated
14835
14836
14837 ### tuple ### limit tcp 25 10.0.0.1 80 192.168.0.1 in
14838--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --set
14839--A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14840+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
14841+-A ufw-user-input -p tcp -d 10.0.0.1 --dport 25 -s 192.168.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14842 179: delete limit to 10.0.0.1 port 25 proto tcp from 192.168.0.1 port 80
14843 WARN: Checks disabled
14844 Rules updated
14845diff --git a/tests/root/valid6/result b/tests/root/valid6/result
14846index dc76378..74fcd86 100644
14847--- a/tests/root/valid6/result
14848+++ b/tests/root/valid6/result
14849@@ -1670,8 +1670,8 @@ Rules updated
14850
14851
14852 ### tuple ### limit ah any 10.0.0.1 any 0.0.0.0/0 in
14853--A ufw-user-input -p ah -d 10.0.0.1 -m state --state NEW -m recent --set
14854--A ufw-user-input -p ah -d 10.0.0.1 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14855+-A ufw-user-input -p ah -d 10.0.0.1 -m conntrack --ctstate NEW -m recent --set
14856+-A ufw-user-input -p ah -d 10.0.0.1 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14857 249: delete limit to 10.0.0.1 proto ah
14858 WARN: Checks disabled
14859 Rules updated
14860diff --git a/tests/root_kern/limit6/result b/tests/root_kern/limit6/result
14861index 008d993..7a3a1ad 100644
14862--- a/tests/root_kern/limit6/result
14863+++ b/tests/root_kern/limit6/result
14864@@ -40,27 +40,27 @@ Anywhere (v6) LIMIT 24/udp
14865
14866
14867 ### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
14868--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
14869--A ufw-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14870+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
14871+-A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14872 --
14873 ### tuple ### limit udp any 0.0.0.0/0 24 0.0.0.0/0 in
14874--A ufw-user-input -p udp --sport 24 -m state --state NEW -m recent --set
14875--A ufw-user-input -p udp --sport 24 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14876+-A ufw-user-input -p udp --sport 24 -m conntrack --ctstate NEW -m recent --set
14877+-A ufw-user-input -p udp --sport 24 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14878 --
14879 ### tuple ### limit any 23 0.0.0.0/0 any 0.0.0.0/0 in_eth1
14880--A ufw-user-input -i eth1 -p tcp --dport 23 -m state --state NEW -m recent --set
14881--A ufw-user-input -i eth1 -p tcp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14882+-A ufw-user-input -i eth1 -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --set
14883+-A ufw-user-input -i eth1 -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
14884 ### tuple ### limit tcp 22 ::/0 any ::/0 in
14885--A ufw6-user-input -p tcp --dport 22 -m state --state NEW -m recent --set
14886--A ufw6-user-input -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw6-user-limit
14887+-A ufw6-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
14888+-A ufw6-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw6-user-limit
14889 --
14890 ### tuple ### limit udp any ::/0 24 ::/0 in
14891--A ufw6-user-input -p udp --sport 24 -m state --state NEW -m recent --set
14892--A ufw6-user-input -p udp --sport 24 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw6-user-limit
14893+-A ufw6-user-input -p udp --sport 24 -m conntrack --ctstate NEW -m recent --set
14894+-A ufw6-user-input -p udp --sport 24 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw6-user-limit
14895 --
14896 ### tuple ### limit any 23 ::/0 any ::/0 in_eth1
14897--A ufw6-user-input -i eth1 -p tcp --dport 23 -m state --state NEW -m recent --set
14898--A ufw6-user-input -i eth1 -p tcp --dport 23 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 -j ufw6-user-limit
14899+-A ufw6-user-input -i eth1 -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --set
14900+-A ufw6-user-input -i eth1 -p tcp --dport 23 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw6-user-limit
14901 TESTING ARGS (delete allow/deny to/from)
14902 6: delete limit 22/tcp
14903 WARN: Checks disabled
diff --git a/meta-networking/recipes-connectivity/ufw/ufw/0008-support-.-setup.py-build-LP-819600.patch b/meta-networking/recipes-connectivity/ufw/ufw/0008-support-.-setup.py-build-LP-819600.patch
new file mode 100644
index 000000000..4184e33f4
--- /dev/null
+++ b/meta-networking/recipes-connectivity/ufw/ufw/0008-support-.-setup.py-build-LP-819600.patch
@@ -0,0 +1,93 @@
1support ./setup.py build (LP: #819600)
2
3Written by Jamie Strandboge <jamie@canonical.com>
4
5The patch was imported from git://git.launchpad.net/ufw
6commit id 10dc74cdc0948e4038d2921e7428cbf2896df98c
7
8Removed ChangeLog patch due to backport status of this patch.
9Modified for statement to match the one in 0.33 setup.py
10
11Upstream-Status: Backport
12Signed-off-by: Jate Sujjavanich <jatedev@gmail.com>
13
14diff --git a/setup.py b/setup.py
15index 730c568..4e1ec9a 100644
16--- a/setup.py
17+++ b/setup.py
18@@ -64,37 +64,44 @@ class Install(_install, object):
19 real_sharedir = os.path.join(real_prefix, 'share', 'ufw')
20
21 # Update the modules' paths
22- for file in [ 'common.py', 'util.py' ]:
23- print("Updating " + file)
24- subprocess.call(["sed",
25- "-i",
26- "s%#CONFIG_PREFIX#%" + real_confdir + "%g",
27- os.path.join('staging', file)])
28-
29- subprocess.call(["sed",
30- "-i",
31- "s%#STATE_PREFIX#%" + real_statedir + "%g",
32- os.path.join('staging', file)])
33-
34- subprocess.call(["sed",
35- "-i",
36- "s%#PREFIX#%" + real_prefix + "%g",
37- os.path.join('staging', file)])
38-
39- subprocess.call(["sed",
40- "-i",
41- "s%#IPTABLES_DIR#%" + iptables_dir + "%g",
42- os.path.join('staging', file)])
43-
44- subprocess.call(["sed",
45- "-i",
46- "s%#SHARE_DIR#%" + real_sharedir + "%g",
47- os.path.join('staging', file)])
48-
49- subprocess.call(["sed",
50- "-i.jjm",
51- "s%/sbin/iptables%" + iptables_exe + "%g",
52- os.path.join('staging', file)])
53+ for fn in [ 'common.py', 'util.py' ]:
54+ # 'staging' is used with just 'install' but build_lib is used when
55+ # using 'build'. We could probably override 'def build()' but this
56+ # at least works
57+ for d in [os.path.join(self.build_lib, "ufw"), 'staging']:
58+ f = os.path.join(d, fn)
59+ if not os.path.exists(f):
60+ continue
61+ print("Updating " + f)
62+ subprocess.call(["sed",
63+ "-i",
64+ "s%#CONFIG_PREFIX#%" + real_confdir + "%g",
65+ f])
66+
67+ subprocess.call(["sed",
68+ "-i",
69+ "s%#STATE_PREFIX#%" + real_statedir + "%g",
70+ f])
71+
72+ subprocess.call(["sed",
73+ "-i",
74+ "s%#PREFIX#%" + real_prefix + "%g",
75+ f])
76+
77+ subprocess.call(["sed",
78+ "-i",
79+ "s%#IPTABLES_DIR#%" + iptables_dir + "%g",
80+ f])
81+
82+ subprocess.call(["sed",
83+ "-i",
84+ "s%#SHARE_DIR#%" + real_sharedir + "%g",
85+ f])
86+
87+ subprocess.call(["sed",
88+ "-i.jjm",
89+ "s%/sbin/iptables%" + iptables_exe + "%g",
90+ f])
91
92 # Now byte-compile everything
93 super(Install, self).run()
diff --git a/meta-networking/recipes-connectivity/ufw/ufw/0009-adjust-runtime-tests-to-use-daytime-port.patch b/meta-networking/recipes-connectivity/ufw/ufw/0009-adjust-runtime-tests-to-use-daytime-port.patch
new file mode 100644
index 000000000..5f9e68df8
--- /dev/null
+++ b/meta-networking/recipes-connectivity/ufw/ufw/0009-adjust-runtime-tests-to-use-daytime-port.patch
@@ -0,0 +1,2895 @@
1adjust runtime tests to use daytime/port 13 instead of ssh/port 22 everywhere
2
3and adjust to use daytime/port 13 instead of http/port 80 and https/port 443 in
4good/logging and ipv6/bad_args6 (Closes: 849628)
5
6Patch from git://git.launchpad.net/ufw
7Commit f1ecc2475f8612f1ea87bd43a088d39009145dd8
8
9Written by Jamie Strandboge <jamie@ubuntu.com>
10
11Removed code not present (tests/live_route).
12Omitted result output that did not seem to change.
13
14Upstream-Status: Backport
15Signed-off-by: Jate Sujjavanich <jatedev@gmail.com>
16
17diff --git a/tests/root/bugs/result b/tests/root/bugs/result
18index 34bee1a..d1fab59 100644
19--- a/tests/root/bugs/result
20+++ b/tests/root/bugs/result
21@@ -94,7 +94,7 @@ Could not delete non-existent rule
22
23
24 iptables -L -n:
25-ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* 'dapp_Apache' */
26+ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* 'dapp_Apache' */
27
28 Chain ufw-user-limit (0 references)
29 10: delete allow Apache
30@@ -254,7 +254,7 @@ WARN: Checks disabled
31 Status: active
32
33
34-37: delete allow 22
35+37: delete allow 13
36 WARN: Checks disabled
37 Could not delete non-existent rule
38 Could not delete non-existent rule (v6)
39@@ -266,7 +266,7 @@ Could not delete non-existent rule
40 Could not delete non-existent rule (v6)
41
42
43-39: delete allow to 127.0.0.1 port 22
44+39: delete allow to 127.0.0.1 port 13
45 WARN: Checks disabled
46 Could not delete non-existent rule
47
48@@ -276,7 +276,7 @@ WARN: Checks disabled
49 Could not delete non-existent rule
50
51
52-41: delete allow to ::1 port 22
53+41: delete allow to ::1 port 13
54 WARN: Checks disabled
55 Could not delete non-existent rule (v6)
56
57diff --git a/tests/root/bugs/runtest.sh b/tests/root/bugs/runtest.sh
58index 0c4db9b..4bd68d7 100755
59--- a/tests/root/bugs/runtest.sh
60+++ b/tests/root/bugs/runtest.sh
61@@ -93,11 +93,11 @@ sed -i "s/IPV6=.*/IPV6=yes/" $TESTPATH/etc/default/ufw
62 do_cmd "0" nostats disable
63 do_cmd "0" nostats enable
64 do_cmd "0" status
65-do_cmd "0" delete allow 22
66+do_cmd "0" delete allow 13
67 do_cmd "0" delete allow Apache
68-do_cmd "0" delete allow to 127.0.0.1 port 22
69+do_cmd "0" delete allow to 127.0.0.1 port 13
70 do_cmd "0" delete allow to 127.0.0.1 app Apache
71-do_cmd "0" delete allow to ::1 port 22
72+do_cmd "0" delete allow to ::1 port 13
73 do_cmd "0" delete allow to ::1 app Apache
74 do_cmd "0" status
75
76diff --git a/tests/root/live/result b/tests/root/live/result
77index 7b183c5..e862327 100644
78--- a/tests/root/live/result
79+++ b/tests/root/live/result
80@@ -71,7 +71,7 @@ WARN: Checks disabled
81 Rule added
82
83
84-14: limit 22/tcp
85+14: limit 13/tcp
86 WARN: Checks disabled
87 Rule added
88 Skipping unsupported IPv6 'limit' rule
89@@ -103,7 +103,7 @@ Anywhere ALLOW 172.16.0.0/12
90 Anywhere ALLOW 192.168.0.0/16
91 514/udp DENY 1.2.3.4
92 1.2.3.4 5469/udp ALLOW 1.2.3.5 5469/udp
93-22/tcp LIMIT Anywhere
94+13/tcp LIMIT Anywhere
95 53 ALLOW Anywhere (v6)
96 23/tcp ALLOW Anywhere (v6)
97 25/tcp ALLOW Anywhere (v6)
98@@ -144,9 +144,9 @@ Anywhere ALLOW 192.168.0.0/16
99 ### tuple ### allow udp 5469 1.2.3.4 5469 1.2.3.5 in
100 -A ufw-user-input -p udp -d 1.2.3.4 --dport 5469 -s 1.2.3.5 --sport 5469 -j ACCEPT
101
102-### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
103--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
104--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
105+### tuple ### limit tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
106+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --set
107+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
108 ### tuple ### allow any 53 ::/0 any ::/0 in
109 -A ufw6-user-input -p tcp --dport 53 -j ACCEPT
110 -A ufw6-user-input -p udp --dport 53 -j ACCEPT
111@@ -221,7 +221,7 @@ WARN: Checks disabled
112 Rule deleted
113
114
115-28: delete limit 22/tcp
116+28: delete limit 13/tcp
117 WARN: Checks disabled
118 Rule deleted
119 Skipping unsupported IPv6 'limit' rule
120@@ -311,7 +311,7 @@ WARN: Checks disabled
121 Rule added
122
123
124-46: limit 22/tcp
125+46: limit 13/tcp
126 WARN: Checks disabled
127 Rule added
128
129@@ -332,7 +332,7 @@ Anywhere ALLOW 172.16.0.0/12
130 Anywhere ALLOW 192.168.0.0/16
131 514/udp DENY 1.2.3.4
132 1.2.3.4 5469/udp ALLOW 1.2.3.5 5469/udp
133-22/tcp LIMIT Anywhere
134+13/tcp LIMIT Anywhere
135
136
137
138@@ -367,9 +367,9 @@ Anywhere ALLOW 192.168.0.0/16
139 ### tuple ### allow udp 5469 1.2.3.4 5469 1.2.3.5 in
140 -A ufw-user-input -p udp -d 1.2.3.4 --dport 5469 -s 1.2.3.5 --sport 5469 -j ACCEPT
141
142-### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
143--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
144--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
145+### tuple ### limit tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
146+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --set
147+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
148 TESTING ARGS (delete allow/deny to/from)
149 48: delete allow 53
150 WARN: Checks disabled
151@@ -421,7 +421,7 @@ WARN: Checks disabled
152 Rule deleted
153
154
155-58: delete limit 22/tcp
156+58: delete limit 13/tcp
157 WARN: Checks disabled
158 Rule deleted
159
160@@ -667,7 +667,7 @@ WARN: Checks disabled
161 Rule added
162
163
164-99: limit 22/tcp
165+99: limit 13/tcp
166 WARN: Checks disabled
167 Rule added
168 Skipping unsupported IPv6 'limit' rule
169@@ -699,7 +699,7 @@ Status: active
170 [ 8] Anywhere ALLOW IN 192.168.0.0/16
171 [ 9] 514/udp DENY IN 1.2.3.4
172 [10] 1.2.3.4 5469/udp ALLOW IN 1.2.3.5 5469/udp
173-[11] 22/tcp LIMIT IN Anywhere
174+[11] 13/tcp LIMIT IN Anywhere
175 [12] 53 ALLOW IN Anywhere (v6)
176 [13] 23/tcp ALLOW IN Anywhere (v6)
177 [14] 25/tcp ALLOW IN Anywhere (v6)
178@@ -763,7 +763,7 @@ WARN: Checks disabled
179 Rule deleted
180
181
182-113: delete limit 22/tcp
183+113: delete limit 13/tcp
184 WARN: Checks disabled
185 Rule deleted
186 Skipping unsupported IPv6 'limit' rule
187@@ -841,7 +841,7 @@ WARN: Checks disabled
188 Rule added
189
190
191-129: limit 22/tcp
192+129: limit 13/tcp
193 WARN: Checks disabled
194 Rule added
195
196@@ -862,7 +862,7 @@ Status: active
197 [ 8] Anywhere ALLOW IN 192.168.0.0/16
198 [ 9] 514/udp DENY IN 1.2.3.4
199 [10] 1.2.3.4 5469/udp ALLOW IN 1.2.3.5 5469/udp
200-[11] 22/tcp LIMIT IN Anywhere
201+[11] 13/tcp LIMIT IN Anywhere
202
203
204
205@@ -916,7 +916,7 @@ WARN: Checks disabled
206 Rule deleted
207
208
209-141: delete limit 22/tcp
210+141: delete limit 13/tcp
211 WARN: Checks disabled
212 Rule deleted
213
214@@ -943,7 +943,7 @@ Rule added (v6)
215 146: deny in on eth1:1
216
217
218-147: reject in on eth1 to 192.168.0.1 port 22
219+147: reject in on eth1 to 192.168.0.1 port 13
220 WARN: Checks disabled
221 Rule added
222
223@@ -958,7 +958,7 @@ WARN: Checks disabled
224 Rule added
225
226
227-150: deny in on eth1 to 192.168.0.1 port 22 from 10.0.0.1
228+150: deny in on eth1 to 192.168.0.1 port 13 from 10.0.0.1
229 WARN: Checks disabled
230 Rule added
231
232@@ -968,7 +968,7 @@ WARN: Checks disabled
233 Rule added
234
235
236-152: limit in on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
237+152: limit in on eth1 to 192.168.0.1 port 13 from 10.0.0.1 port 80
238 WARN: Checks disabled
239 Rule added
240
241@@ -1002,12 +1002,12 @@ Status: active
242 To Action From
243 -- ------ ----
244 [ 1] Anywhere on eth1 ALLOW IN Anywhere
245-[ 2] 192.168.0.1 22 on eth1 REJECT IN Anywhere
246+[ 2] 192.168.0.1 13 on eth1 REJECT IN Anywhere
247 [ 3] Anywhere on eth1 LIMIT IN 10.0.0.1 80
248 [ 4] 192.168.0.1 on eth1 ALLOW IN 10.0.0.1
249-[ 5] 192.168.0.1 22 on eth1 DENY IN 10.0.0.1
250+[ 5] 192.168.0.1 13 on eth1 DENY IN 10.0.0.1
251 [ 6] 192.168.0.1 on eth1 REJECT IN 10.0.0.1 80
252-[ 7] 192.168.0.1 22 on eth1 LIMIT IN 10.0.0.1 80
253+[ 7] 192.168.0.1 13 on eth1 LIMIT IN 10.0.0.1 80
254 [ 8] Anywhere on eth0 ALLOW IN Anywhere (log)
255 [ 9] 10.0.0.1 24/tcp on eth0 ALLOW IN 192.168.0.1 (log)
256 [10] 10.0.0.1 25/tcp on eth0 DENY IN 192.168.0.1 (log-all)
257@@ -1031,12 +1031,12 @@ Status: active
258 To Action From
259 -- ------ ----
260 [ 1] Anywhere on eth1 ALLOW IN Anywhere
261-[ 2] 192.168.0.1 22 on eth1 REJECT IN Anywhere
262+[ 2] 192.168.0.1 13 on eth1 REJECT IN Anywhere
263 [ 3] Anywhere on eth1 LIMIT IN 10.0.0.1 80
264 [ 4] 192.168.0.1 on eth1 ALLOW IN 10.0.0.1
265-[ 5] 192.168.0.1 22 on eth1 DENY IN 10.0.0.1
266+[ 5] 192.168.0.1 13 on eth1 DENY IN 10.0.0.1
267 [ 6] 192.168.0.1 on eth1 REJECT IN 10.0.0.1 80
268-[ 7] 192.168.0.1 22 on eth1 LIMIT IN 10.0.0.1 80
269+[ 7] 192.168.0.1 13 on eth1 LIMIT IN 10.0.0.1 80
270 [ 8] Samba on eth2 ALLOW IN Anywhere
271 [ 9] Anywhere on eth0 ALLOW IN Anywhere (log)
272 [10] 10.0.0.1 24/tcp on eth0 ALLOW IN 192.168.0.1 (log)
273@@ -1052,9 +1052,9 @@ Status: active
274 ### tuple ### allow any any 0.0.0.0/0 any 0.0.0.0/0 in_eth1
275 -A ufw-user-input -i eth1 -j ACCEPT
276
277-### tuple ### reject any 22 192.168.0.1 any 0.0.0.0/0 in_eth1
278--A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -j REJECT --reject-with tcp-reset
279--A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 22 -j REJECT
280+### tuple ### reject any 13 192.168.0.1 any 0.0.0.0/0 in_eth1
281+-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 13 -j REJECT --reject-with tcp-reset
282+-A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 13 -j REJECT
283 --
284 ### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 in_eth1
285 -A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
286@@ -1063,17 +1063,17 @@ Status: active
287 ### tuple ### allow any any 192.168.0.1 any 10.0.0.1 in_eth1
288 -A ufw-user-input -i eth1 -d 192.168.0.1 -s 10.0.0.1 -j ACCEPT
289
290-### tuple ### deny any 22 192.168.0.1 any 10.0.0.1 in_eth1
291--A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
292--A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
293+### tuple ### deny any 13 192.168.0.1 any 10.0.0.1 in_eth1
294+-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 13 -s 10.0.0.1 -j DROP
295+-A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 13 -s 10.0.0.1 -j DROP
296 --
297 ### tuple ### reject any any 192.168.0.1 80 10.0.0.1 in_eth1
298 -A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT --reject-with tcp-reset
299 -A ufw-user-input -i eth1 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT
300 --
301-### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 in_eth1
302--A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
303--A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
304+### tuple ### limit any 13 192.168.0.1 80 10.0.0.1 in_eth1
305+-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 13 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
306+-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 13 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
307 --
308 ### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in_eth2
309 -A ufw-user-input -i eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
310@@ -1124,7 +1124,7 @@ Rule deleted
311 Rule deleted (v6)
312
313
314-161: delete reject in on eth1 to 192.168.0.1 port 22
315+161: delete reject in on eth1 to 192.168.0.1 port 13
316 WARN: Checks disabled
317 Rule deleted
318
319@@ -1139,7 +1139,7 @@ WARN: Checks disabled
320 Rule deleted
321
322
323-164: delete deny in on eth1 to 192.168.0.1 port 22 from 10.0.0.1
324+164: delete deny in on eth1 to 192.168.0.1 port 13 from 10.0.0.1
325 WARN: Checks disabled
326 Rule deleted
327
328@@ -1149,7 +1149,7 @@ WARN: Checks disabled
329 Rule deleted
330
331
332-166: delete limit in on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
333+166: delete limit in on eth1 to 192.168.0.1 port 13 from 10.0.0.1 port 80
334 WARN: Checks disabled
335 Rule deleted
336
337@@ -1198,7 +1198,7 @@ Rule added (v6)
338 175: deny out on eth1:1
339
340
341-176: reject out on eth1 to 192.168.0.1 port 22
342+176: reject out on eth1 to 192.168.0.1 port 13
343 WARN: Checks disabled
344 Rule added
345
346@@ -1213,7 +1213,7 @@ WARN: Checks disabled
347 Rule added
348
349
350-179: deny out on eth1 to 192.168.0.1 port 22 from 10.0.0.1
351+179: deny out on eth1 to 192.168.0.1 port 13 from 10.0.0.1
352 WARN: Checks disabled
353 Rule added
354
355@@ -1223,7 +1223,7 @@ WARN: Checks disabled
356 Rule added
357
358
359-181: limit out on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
360+181: limit out on eth1 to 192.168.0.1 port 13 from 10.0.0.1 port 80
361 WARN: Checks disabled
362 Rule added
363
364@@ -1257,12 +1257,12 @@ Status: active
365 To Action From
366 -- ------ ----
367 [ 1] Anywhere ALLOW OUT Anywhere on eth1 (out)
368-[ 2] 192.168.0.1 22 REJECT OUT Anywhere on eth1 (out)
369+[ 2] 192.168.0.1 13 REJECT OUT Anywhere on eth1 (out)
370 [ 3] Anywhere LIMIT OUT 10.0.0.1 80 on eth1 (out)
371 [ 4] 192.168.0.1 ALLOW OUT 10.0.0.1 on eth1 (out)
372-[ 5] 192.168.0.1 22 DENY OUT 10.0.0.1 on eth1 (out)
373+[ 5] 192.168.0.1 13 DENY OUT 10.0.0.1 on eth1 (out)
374 [ 6] 192.168.0.1 REJECT OUT 10.0.0.1 80 on eth1 (out)
375-[ 7] 192.168.0.1 22 LIMIT OUT 10.0.0.1 80 on eth1 (out)
376+[ 7] 192.168.0.1 13 LIMIT OUT 10.0.0.1 80 on eth1 (out)
377 [ 8] Anywhere ALLOW OUT Anywhere on eth0 (log, out)
378 [ 9] 10.0.0.1 24/tcp ALLOW OUT 192.168.0.1 on eth0 (log, out)
379 [10] 10.0.0.1 25/tcp DENY OUT 192.168.0.1 on eth0 (log-all, out)
380@@ -1286,12 +1286,12 @@ Status: active
381 To Action From
382 -- ------ ----
383 [ 1] Anywhere ALLOW OUT Anywhere on eth1 (out)
384-[ 2] 192.168.0.1 22 REJECT OUT Anywhere on eth1 (out)
385+[ 2] 192.168.0.1 13 REJECT OUT Anywhere on eth1 (out)
386 [ 3] Anywhere LIMIT OUT 10.0.0.1 80 on eth1 (out)
387 [ 4] 192.168.0.1 ALLOW OUT 10.0.0.1 on eth1 (out)
388-[ 5] 192.168.0.1 22 DENY OUT 10.0.0.1 on eth1 (out)
389+[ 5] 192.168.0.1 13 DENY OUT 10.0.0.1 on eth1 (out)
390 [ 6] 192.168.0.1 REJECT OUT 10.0.0.1 80 on eth1 (out)
391-[ 7] 192.168.0.1 22 LIMIT OUT 10.0.0.1 80 on eth1 (out)
392+[ 7] 192.168.0.1 13 LIMIT OUT 10.0.0.1 80 on eth1 (out)
393 [ 8] Samba ALLOW OUT Anywhere on eth2 (out)
394 [ 9] Anywhere ALLOW OUT Anywhere on eth0 (log, out)
395 [10] 10.0.0.1 24/tcp ALLOW OUT 192.168.0.1 on eth0 (log, out)
396@@ -1307,9 +1307,9 @@ Status: active
397 ### tuple ### allow any any 0.0.0.0/0 any 0.0.0.0/0 out_eth1
398 -A ufw-user-output -o eth1 -j ACCEPT
399
400-### tuple ### reject any 22 192.168.0.1 any 0.0.0.0/0 out_eth1
401--A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -j REJECT --reject-with tcp-reset
402--A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 22 -j REJECT
403+### tuple ### reject any 13 192.168.0.1 any 0.0.0.0/0 out_eth1
404+-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 13 -j REJECT --reject-with tcp-reset
405+-A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 13 -j REJECT
406 --
407 ### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 out_eth1
408 -A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
409@@ -1318,17 +1318,17 @@ Status: active
410 ### tuple ### allow any any 192.168.0.1 any 10.0.0.1 out_eth1
411 -A ufw-user-output -o eth1 -d 192.168.0.1 -s 10.0.0.1 -j ACCEPT
412
413-### tuple ### deny any 22 192.168.0.1 any 10.0.0.1 out_eth1
414--A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
415--A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
416+### tuple ### deny any 13 192.168.0.1 any 10.0.0.1 out_eth1
417+-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 13 -s 10.0.0.1 -j DROP
418+-A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 13 -s 10.0.0.1 -j DROP
419 --
420 ### tuple ### reject any any 192.168.0.1 80 10.0.0.1 out_eth1
421 -A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT --reject-with tcp-reset
422 -A ufw-user-output -o eth1 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT
423 --
424-### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 out_eth1
425--A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
426--A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
427+### tuple ### limit any 13 192.168.0.1 80 10.0.0.1 out_eth1
428+-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 13 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
429+-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 13 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
430 --
431 ### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - out_eth2
432 -A ufw-user-output -o eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
433@@ -1379,7 +1379,7 @@ Rule deleted
434 Rule deleted (v6)
435
436
437-190: delete reject out on eth1 to 192.168.0.1 port 22
438+190: delete reject out on eth1 to 192.168.0.1 port 13
439 WARN: Checks disabled
440 Rule deleted
441
442@@ -1394,7 +1394,7 @@ WARN: Checks disabled
443 Rule deleted
444
445
446-193: delete deny out on eth1 to 192.168.0.1 port 22 from 10.0.0.1
447+193: delete deny out on eth1 to 192.168.0.1 port 13 from 10.0.0.1
448 WARN: Checks disabled
449 Rule deleted
450
451@@ -1404,7 +1404,7 @@ WARN: Checks disabled
452 Rule deleted
453
454
455-195: delete limit out on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
456+195: delete limit out on eth1 to 192.168.0.1 port 13 from 10.0.0.1 port 80
457 WARN: Checks disabled
458 Rule deleted
459
460@@ -1452,7 +1452,7 @@ Rule added
461 204: deny in on eth1:1
462
463
464-205: reject in on eth1 to 192.168.0.1 port 22
465+205: reject in on eth1 to 192.168.0.1 port 13
466 WARN: Checks disabled
467 Rule added
468
469@@ -1467,7 +1467,7 @@ WARN: Checks disabled
470 Rule added
471
472
473-208: deny in on eth1 to 192.168.0.1 port 22 from 10.0.0.1
474+208: deny in on eth1 to 192.168.0.1 port 13 from 10.0.0.1
475 WARN: Checks disabled
476 Rule added
477
478@@ -1477,7 +1477,7 @@ WARN: Checks disabled
479 Rule added
480
481
482-210: limit in on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
483+210: limit in on eth1 to 192.168.0.1 port 13 from 10.0.0.1 port 80
484 WARN: Checks disabled
485 Rule added
486
487@@ -1509,12 +1509,12 @@ Status: active
488 To Action From
489 -- ------ ----
490 [ 1] Anywhere on eth1 ALLOW IN Anywhere
491-[ 2] 192.168.0.1 22 on eth1 REJECT IN Anywhere
492+[ 2] 192.168.0.1 13 on eth1 REJECT IN Anywhere
493 [ 3] Anywhere on eth1 LIMIT IN 10.0.0.1 80
494 [ 4] 192.168.0.1 on eth1 ALLOW IN 10.0.0.1
495-[ 5] 192.168.0.1 22 on eth1 DENY IN 10.0.0.1
496+[ 5] 192.168.0.1 13 on eth1 DENY IN 10.0.0.1
497 [ 6] 192.168.0.1 on eth1 REJECT IN 10.0.0.1 80
498-[ 7] 192.168.0.1 22 on eth1 LIMIT IN 10.0.0.1 80
499+[ 7] 192.168.0.1 13 on eth1 LIMIT IN 10.0.0.1 80
500 [ 8] Anywhere on eth0 ALLOW IN Anywhere (log)
501 [ 9] 10.0.0.1 24/tcp on eth0 ALLOW IN 192.168.0.1 (log)
502 [10] 10.0.0.1 25/tcp on eth0 DENY IN 192.168.0.1 (log-all)
503@@ -1534,12 +1534,12 @@ Status: active
504 To Action From
505 -- ------ ----
506 [ 1] Anywhere on eth1 ALLOW IN Anywhere
507-[ 2] 192.168.0.1 22 on eth1 REJECT IN Anywhere
508+[ 2] 192.168.0.1 13 on eth1 REJECT IN Anywhere
509 [ 3] Anywhere on eth1 LIMIT IN 10.0.0.1 80
510 [ 4] 192.168.0.1 on eth1 ALLOW IN 10.0.0.1
511-[ 5] 192.168.0.1 22 on eth1 DENY IN 10.0.0.1
512+[ 5] 192.168.0.1 13 on eth1 DENY IN 10.0.0.1
513 [ 6] 192.168.0.1 on eth1 REJECT IN 10.0.0.1 80
514-[ 7] 192.168.0.1 22 on eth1 LIMIT IN 10.0.0.1 80
515+[ 7] 192.168.0.1 13 on eth1 LIMIT IN 10.0.0.1 80
516 [ 8] Samba on eth2 ALLOW IN Anywhere
517 [ 9] Anywhere on eth0 ALLOW IN Anywhere (log)
518 [10] 10.0.0.1 24/tcp on eth0 ALLOW IN 192.168.0.1 (log)
519@@ -1551,9 +1551,9 @@ Status: active
520 ### tuple ### allow any any 0.0.0.0/0 any 0.0.0.0/0 in_eth1
521 -A ufw-user-input -i eth1 -j ACCEPT
522
523-### tuple ### reject any 22 192.168.0.1 any 0.0.0.0/0 in_eth1
524--A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -j REJECT --reject-with tcp-reset
525--A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 22 -j REJECT
526+### tuple ### reject any 13 192.168.0.1 any 0.0.0.0/0 in_eth1
527+-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 13 -j REJECT --reject-with tcp-reset
528+-A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 13 -j REJECT
529 --
530 ### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 in_eth1
531 -A ufw-user-input -i eth1 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
532@@ -1562,17 +1562,17 @@ Status: active
533 ### tuple ### allow any any 192.168.0.1 any 10.0.0.1 in_eth1
534 -A ufw-user-input -i eth1 -d 192.168.0.1 -s 10.0.0.1 -j ACCEPT
535
536-### tuple ### deny any 22 192.168.0.1 any 10.0.0.1 in_eth1
537--A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
538--A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
539+### tuple ### deny any 13 192.168.0.1 any 10.0.0.1 in_eth1
540+-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 13 -s 10.0.0.1 -j DROP
541+-A ufw-user-input -i eth1 -p udp -d 192.168.0.1 --dport 13 -s 10.0.0.1 -j DROP
542 --
543 ### tuple ### reject any any 192.168.0.1 80 10.0.0.1 in_eth1
544 -A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT --reject-with tcp-reset
545 -A ufw-user-input -i eth1 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT
546 --
547-### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 in_eth1
548--A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
549--A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
550+### tuple ### limit any 13 192.168.0.1 80 10.0.0.1 in_eth1
551+-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 13 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
552+-A ufw-user-input -i eth1 -p tcp -d 192.168.0.1 --dport 13 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
553 --
554 ### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - in_eth2
555 -A ufw-user-input -i eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
556@@ -1603,7 +1603,7 @@ WARN: Checks disabled
557 Rule deleted
558
559
560-219: delete reject in on eth1 to 192.168.0.1 port 22
561+219: delete reject in on eth1 to 192.168.0.1 port 13
562 WARN: Checks disabled
563 Rule deleted
564
565@@ -1618,7 +1618,7 @@ WARN: Checks disabled
566 Rule deleted
567
568
569-222: delete deny in on eth1 to 192.168.0.1 port 22 from 10.0.0.1
570+222: delete deny in on eth1 to 192.168.0.1 port 13 from 10.0.0.1
571 WARN: Checks disabled
572 Rule deleted
573
574@@ -1628,7 +1628,7 @@ WARN: Checks disabled
575 Rule deleted
576
577
578-224: delete limit in on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
579+224: delete limit in on eth1 to 192.168.0.1 port 13 from 10.0.0.1 port 80
580 WARN: Checks disabled
581 Rule deleted
582
583@@ -1673,7 +1673,7 @@ Rule added
584 233: deny out on eth1:1
585
586
587-234: reject out on eth1 to 192.168.0.1 port 22
588+234: reject out on eth1 to 192.168.0.1 port 13
589 WARN: Checks disabled
590 Rule added
591
592@@ -1688,7 +1688,7 @@ WARN: Checks disabled
593 Rule added
594
595
596-237: deny out on eth1 to 192.168.0.1 port 22 from 10.0.0.1
597+237: deny out on eth1 to 192.168.0.1 port 13 from 10.0.0.1
598 WARN: Checks disabled
599 Rule added
600
601@@ -1698,7 +1698,7 @@ WARN: Checks disabled
602 Rule added
603
604
605-239: limit out on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
606+239: limit out on eth1 to 192.168.0.1 port 13 from 10.0.0.1 port 80
607 WARN: Checks disabled
608 Rule added
609
610@@ -1730,12 +1730,12 @@ Status: active
611 To Action From
612 -- ------ ----
613 [ 1] Anywhere ALLOW OUT Anywhere on eth1 (out)
614-[ 2] 192.168.0.1 22 REJECT OUT Anywhere on eth1 (out)
615+[ 2] 192.168.0.1 13 REJECT OUT Anywhere on eth1 (out)
616 [ 3] Anywhere LIMIT OUT 10.0.0.1 80 on eth1 (out)
617 [ 4] 192.168.0.1 ALLOW OUT 10.0.0.1 on eth1 (out)
618-[ 5] 192.168.0.1 22 DENY OUT 10.0.0.1 on eth1 (out)
619+[ 5] 192.168.0.1 13 DENY OUT 10.0.0.1 on eth1 (out)
620 [ 6] 192.168.0.1 REJECT OUT 10.0.0.1 80 on eth1 (out)
621-[ 7] 192.168.0.1 22 LIMIT OUT 10.0.0.1 80 on eth1 (out)
622+[ 7] 192.168.0.1 13 LIMIT OUT 10.0.0.1 80 on eth1 (out)
623 [ 8] Anywhere ALLOW OUT Anywhere on eth0 (log, out)
624 [ 9] 10.0.0.1 24/tcp ALLOW OUT 192.168.0.1 on eth0 (log, out)
625 [10] 10.0.0.1 25/tcp DENY OUT 192.168.0.1 on eth0 (log-all, out)
626@@ -1755,12 +1755,12 @@ Status: active
627 To Action From
628 -- ------ ----
629 [ 1] Anywhere ALLOW OUT Anywhere on eth1 (out)
630-[ 2] 192.168.0.1 22 REJECT OUT Anywhere on eth1 (out)
631+[ 2] 192.168.0.1 13 REJECT OUT Anywhere on eth1 (out)
632 [ 3] Anywhere LIMIT OUT 10.0.0.1 80 on eth1 (out)
633 [ 4] 192.168.0.1 ALLOW OUT 10.0.0.1 on eth1 (out)
634-[ 5] 192.168.0.1 22 DENY OUT 10.0.0.1 on eth1 (out)
635+[ 5] 192.168.0.1 13 DENY OUT 10.0.0.1 on eth1 (out)
636 [ 6] 192.168.0.1 REJECT OUT 10.0.0.1 80 on eth1 (out)
637-[ 7] 192.168.0.1 22 LIMIT OUT 10.0.0.1 80 on eth1 (out)
638+[ 7] 192.168.0.1 13 LIMIT OUT 10.0.0.1 80 on eth1 (out)
639 [ 8] Samba ALLOW OUT Anywhere on eth2 (out)
640 [ 9] Anywhere ALLOW OUT Anywhere on eth0 (log, out)
641 [10] 10.0.0.1 24/tcp ALLOW OUT 192.168.0.1 on eth0 (log, out)
642@@ -1772,9 +1772,9 @@ Status: active
643 ### tuple ### allow any any 0.0.0.0/0 any 0.0.0.0/0 out_eth1
644 -A ufw-user-output -o eth1 -j ACCEPT
645
646-### tuple ### reject any 22 192.168.0.1 any 0.0.0.0/0 out_eth1
647--A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -j REJECT --reject-with tcp-reset
648--A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 22 -j REJECT
649+### tuple ### reject any 13 192.168.0.1 any 0.0.0.0/0 out_eth1
650+-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 13 -j REJECT --reject-with tcp-reset
651+-A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 13 -j REJECT
652 --
653 ### tuple ### limit any any 0.0.0.0/0 80 10.0.0.1 out_eth1
654 -A ufw-user-output -o eth1 -p tcp -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
655@@ -1783,17 +1783,17 @@ Status: active
656 ### tuple ### allow any any 192.168.0.1 any 10.0.0.1 out_eth1
657 -A ufw-user-output -o eth1 -d 192.168.0.1 -s 10.0.0.1 -j ACCEPT
658
659-### tuple ### deny any 22 192.168.0.1 any 10.0.0.1 out_eth1
660--A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
661--A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 22 -s 10.0.0.1 -j DROP
662+### tuple ### deny any 13 192.168.0.1 any 10.0.0.1 out_eth1
663+-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 13 -s 10.0.0.1 -j DROP
664+-A ufw-user-output -o eth1 -p udp -d 192.168.0.1 --dport 13 -s 10.0.0.1 -j DROP
665 --
666 ### tuple ### reject any any 192.168.0.1 80 10.0.0.1 out_eth1
667 -A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT --reject-with tcp-reset
668 -A ufw-user-output -o eth1 -p udp -d 192.168.0.1 -s 10.0.0.1 --sport 80 -j REJECT
669 --
670-### tuple ### limit any 22 192.168.0.1 80 10.0.0.1 out_eth1
671--A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
672--A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 22 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
673+### tuple ### limit any 13 192.168.0.1 80 10.0.0.1 out_eth1
674+-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 13 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --set
675+-A ufw-user-output -o eth1 -p tcp -d 192.168.0.1 --dport 13 -s 10.0.0.1 --sport 80 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
676 --
677 ### tuple ### allow udp 137,138 0.0.0.0/0 any 0.0.0.0/0 Samba - out_eth2
678 -A ufw-user-output -o eth2 -p udp -m multiport --dports 137,138 -j ACCEPT -m comment --comment 'dapp_Samba'
679@@ -1824,7 +1824,7 @@ WARN: Checks disabled
680 Rule deleted
681
682
683-248: delete reject out on eth1 to 192.168.0.1 port 22
684+248: delete reject out on eth1 to 192.168.0.1 port 13
685 WARN: Checks disabled
686 Rule deleted
687
688@@ -1839,7 +1839,7 @@ WARN: Checks disabled
689 Rule deleted
690
691
692-251: delete deny out on eth1 to 192.168.0.1 port 22 from 10.0.0.1
693+251: delete deny out on eth1 to 192.168.0.1 port 13 from 10.0.0.1
694 WARN: Checks disabled
695 Rule deleted
696
697@@ -1849,7 +1849,7 @@ WARN: Checks disabled
698 Rule deleted
699
700
701-253: delete limit out on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
702+253: delete limit out on eth1 to 192.168.0.1 port 13 from 10.0.0.1 port 80
703 WARN: Checks disabled
704 Rule deleted
705
706@@ -2591,7 +2591,7 @@ Verify secondary chains
707 494: disable
708
709
710-495: allow 22/tcp
711+495: allow 13/tcp
712
713
714 496: enable
715@@ -2675,7 +2675,7 @@ Verify secondary chains
716 522: enable
717
718
719-523: delete allow 22/tcp
720+523: delete allow 13/tcp
721
722
723 Reset test
724@@ -3033,7 +3033,7 @@ Setting IPV6 to yes
725 588: enable
726
727
728-589: limit 22/tcp
729+589: limit 13/tcp
730
731
732 590: allow in on eth0 to 2001::211:aaaa:bbbb:d54c port 123 proto tcp
733@@ -3045,12 +3045,12 @@ Setting IPV6 to yes
734 592: show added
735 WARN: Checks disabled
736 Added user rules (see 'ufw status' for running firewall):
737-ufw limit 22/tcp
738+ufw limit 13/tcp
739 ufw deny Samba
740 ufw allow in on eth0 to 2001::211:aaaa:bbbb:d54c port 123 proto tcp
741
742
743-593: delete limit 22/tcp
744+593: delete limit 13/tcp
745
746
747 594: delete allow in on eth0 to 2001::211:aaaa:bbbb:d54c port 123 proto tcp
748@@ -3072,7 +3072,7 @@ Setting IPV6 to no
749 598: enable
750
751
752-599: limit 22/tcp
753+599: limit 13/tcp
754
755
756 600: deny Samba
757@@ -3081,11 +3081,11 @@ Setting IPV6 to no
758 601: show added
759 WARN: Checks disabled
760 Added user rules (see 'ufw status' for running firewall):
761-ufw limit 22/tcp
762+ufw limit 13/tcp
763 ufw deny Samba
764
765
766-602: delete limit 22/tcp
767+602: delete limit 13/tcp
768
769
770 603: delete deny Samba
771diff --git a/tests/root/live/runtest.sh b/tests/root/live/runtest.sh
772index 3dd4e35..228e3e6 100755
773--- a/tests/root/live/runtest.sh
774+++ b/tests/root/live/runtest.sh
775@@ -43,7 +43,7 @@ do
776 do_cmd "0" allow from 192.168.0.0/16
777 do_cmd "0" deny proto udp from 1.2.3.4 to any port 514
778 do_cmd "0" allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469
779- do_cmd "0" limit 22/tcp
780+ do_cmd "0" limit 13/tcp
781 if [ "$ipv6" = "yes" ]; then
782 do_cmd "0" deny proto tcp from 2001:db8::/32 to any port 25
783 do_cmd "0" deny from 2001:db8::/32 port 26 to 2001:db8:3:4:5:6:7:8
784@@ -63,7 +63,7 @@ do
785 do_cmd "0" delete allow from 192.168.0.0/16
786 do_cmd "0" delete deny proto udp from 1.2.3.4 to any port 514
787 do_cmd "0" delete allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469
788- do_cmd "0" delete limit 22/tcp
789+ do_cmd "0" delete limit 13/tcp
790 if [ "$ipv6" = "yes" ]; then
791 do_cmd "0" delete deny proto tcp from 2001:db8::/32 to any port 25
792 do_cmd "0" delete deny from 2001:db8::/32 port 26 to 2001:db8:3:4:5:6:7:8
793@@ -132,7 +132,7 @@ do
794 do_cmd "0" allow from 192.168.0.0/16
795 do_cmd "0" deny proto udp from 1.2.3.4 to any port 514
796 do_cmd "0" allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469
797- do_cmd "0" limit 22/tcp
798+ do_cmd "0" limit 13/tcp
799 if [ "$ipv6" = "yes" ]; then
800 do_cmd "0" deny proto tcp from 2001:db8::/32 to any port 25
801 do_cmd "0" deny from 2001:db8::/32 port 26 to 2001:db8:3:4:5:6:7:8
802@@ -149,7 +149,7 @@ do
803 do_cmd "0" delete allow from 192.168.0.0/16
804 do_cmd "0" delete deny proto udp from 1.2.3.4 to any port 514
805 do_cmd "0" delete allow proto udp from 1.2.3.5 port 5469 to 1.2.3.4 port 5469
806- do_cmd "0" delete limit 22/tcp
807+ do_cmd "0" delete limit 13/tcp
808 if [ "$ipv6" = "yes" ]; then
809 do_cmd "0" delete deny proto tcp from 2001:db8::/32 to any port 25
810 do_cmd "0" delete deny from 2001:db8::/32 port 26 to 2001:db8:3:4:5:6:7:8
811@@ -168,12 +168,12 @@ do
812
813 do_cmd "0" allow $i on eth1
814 do_cmd "1" null deny $i on eth1:1
815- do_cmd "0" reject $i on eth1 to 192.168.0.1 port 22
816+ do_cmd "0" reject $i on eth1 to 192.168.0.1 port 13
817 do_cmd "0" limit $i on eth1 from 10.0.0.1 port 80
818 do_cmd "0" allow $i on eth1 to 192.168.0.1 from 10.0.0.1
819- do_cmd "0" deny $i on eth1 to 192.168.0.1 port 22 from 10.0.0.1
820+ do_cmd "0" deny $i on eth1 to 192.168.0.1 port 13 from 10.0.0.1
821 do_cmd "0" reject $i on eth1 to 192.168.0.1 from 10.0.0.1 port 80
822- do_cmd "0" limit $i on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
823+ do_cmd "0" limit $i on eth1 to 192.168.0.1 port 13 from 10.0.0.1 port 80
824
825 do_cmd "0" allow $i on eth0 log
826 do_cmd "0" allow $i on eth0 log from 192.168.0.1 to 10.0.0.1 port 24 proto tcp
827@@ -189,12 +189,12 @@ do
828
829 # delete what we added
830 do_cmd "0" delete allow $i on eth1
831- do_cmd "0" delete reject $i on eth1 to 192.168.0.1 port 22
832+ do_cmd "0" delete reject $i on eth1 to 192.168.0.1 port 13
833 do_cmd "0" delete limit $i on eth1 from 10.0.0.1 port 80
834 do_cmd "0" delete allow $i on eth1 to 192.168.0.1 from 10.0.0.1
835- do_cmd "0" delete deny $i on eth1 to 192.168.0.1 port 22 from 10.0.0.1
836+ do_cmd "0" delete deny $i on eth1 to 192.168.0.1 port 13 from 10.0.0.1
837 do_cmd "0" delete reject $i on eth1 to 192.168.0.1 from 10.0.0.1 port 80
838- do_cmd "0" delete limit $i on eth1 to 192.168.0.1 port 22 from 10.0.0.1 port 80
839+ do_cmd "0" delete limit $i on eth1 to 192.168.0.1 port 13 from 10.0.0.1 port 80
840
841 do_cmd "0" delete allow $i on eth0 log
842 do_cmd "0" delete allow $i on eth0 log from 192.168.0.1 to 10.0.0.1 port 24 proto tcp
843@@ -312,7 +312,7 @@ do_cmd "0" nostats disable
844 echo "'Resource temporarily unavailable' test" >> $TESTTMP/result
845 do_cmd "0" nostats disable
846 $TESTSTATE/ufw-init flush-all >/dev/null
847-do_cmd "0" nostats allow 22/tcp
848+do_cmd "0" nostats allow 13/tcp
849 do_cmd "0" nostats enable
850 $TESTSTATE/ufw-init stop >/dev/null
851 for i in `seq 1 25`; do
852@@ -327,7 +327,7 @@ for i in `seq 1 25`; do
853 let count=count+1
854 done
855 do_cmd "0" nostats enable
856-do_cmd "0" nostats delete allow 22/tcp
857+do_cmd "0" nostats delete allow 13/tcp
858
859 echo "Reset test" >> $TESTTMP/result
860 do_cmd "0" nostats enable
861@@ -445,13 +445,13 @@ do
862 sed -i "s/IPV6=.*/IPV6=$ipv6/" $TESTPATH/etc/default/ufw
863 do_cmd "0" nostats disable
864 do_cmd "0" nostats enable
865- do_cmd "0" nostats limit 22/tcp
866+ do_cmd "0" nostats limit 13/tcp
867 if [ "$ipv6" = "yes" ]; then
868 do_cmd "0" nostats allow in on eth0 to 2001::211:aaaa:bbbb:d54c port 123 proto tcp
869 fi
870 do_cmd "0" nostats deny Samba
871 do_cmd "0" show added
872- do_cmd "0" nostats delete limit 22/tcp
873+ do_cmd "0" nostats delete limit 13/tcp
874 if [ "$ipv6" = "yes" ]; then
875 do_cmd "0" nostats delete allow in on eth0 to 2001::211:aaaa:bbbb:d54c port 123 proto tcp
876 fi
877diff --git a/tests/root/live_apps/result b/tests/root/live_apps/result
878index cb97ffb..1d9338e 100644
879--- a/tests/root/live_apps/result
880+++ b/tests/root/live_apps/result
881@@ -31,7 +31,7 @@ Rule added
882 Rule added (v6)
883
884
885-6: allow to any app Samba from any port 22
886+6: allow to any app Samba from any port 13
887 WARN: Checks disabled
888 Rule added
889 Rule added (v6)
890@@ -58,7 +58,7 @@ WARN: Checks disabled
891 Rule added (v6)
892
893
894-11: allow to 2001:db8::/32 app Samba from 2001:db8::/32 port 22
895+11: allow to 2001:db8::/32 app Samba from 2001:db8::/32 port 13
896 WARN: Checks disabled
897 Rule added (v6)
898
899@@ -78,18 +78,18 @@ Apache ALLOW Anywhere
900 Samba ALLOW Anywhere
901 Anywhere ALLOW Samba
902 Samba ALLOW Bind9
903-Samba ALLOW 22
904+Samba ALLOW 13
905 Apache ALLOW 88
906 Apache (v6) ALLOW Anywhere (v6)
907 Samba (v6) ALLOW Anywhere (v6)
908 Anywhere (v6) ALLOW Samba (v6)
909 Samba (v6) ALLOW Bind9 (v6)
910-Samba (v6) ALLOW 22
911+Samba (v6) ALLOW 13
912 Apache (v6) ALLOW 88
913 2001:db8::/32 Samba ALLOW Anywhere (v6)
914 Anywhere (v6) ALLOW 2001:db8::/32 Samba
915 2001:db8::/32 Samba ALLOW 2001:db8::/32 Bind9
916-2001:db8::/32 Samba ALLOW 2001:db8::/32 22
917+2001:db8::/32 Samba ALLOW 2001:db8::/32 13
918 2001:db8::/32 Apache ALLOW 2001:db8::/32 88
919
920
921@@ -110,8 +110,8 @@ Anywhere ALLOW IN 137,138/udp (Samba)
922 Anywhere ALLOW IN 139,445/tcp (Samba)
923 137,138/udp (Samba) ALLOW IN 53/udp (Bind9)
924 139,445/tcp (Samba) ALLOW IN 53/tcp (Bind9)
925-137,138/udp (Samba) ALLOW IN 22/udp
926-139,445/tcp (Samba) ALLOW IN 22/tcp
927+137,138/udp (Samba) ALLOW IN 13/udp
928+139,445/tcp (Samba) ALLOW IN 13/tcp
929 80/tcp (Apache) ALLOW IN 88/tcp
930 80/tcp (Apache (v6)) ALLOW IN Anywhere (v6)
931 137,138/udp (Samba (v6)) ALLOW IN Anywhere (v6)
932@@ -120,8 +120,8 @@ Anywhere (v6) ALLOW IN 137,138/udp (Samba (v6))
933 Anywhere (v6) ALLOW IN 139,445/tcp (Samba (v6))
934 137,138/udp (Samba (v6)) ALLOW IN 53/udp (Bind9 (v6))
935 139,445/tcp (Samba (v6)) ALLOW IN 53/tcp (Bind9 (v6))
936-137,138/udp (Samba (v6)) ALLOW IN 22/udp
937-139,445/tcp (Samba (v6)) ALLOW IN 22/tcp
938+137,138/udp (Samba (v6)) ALLOW IN 13/udp
939+139,445/tcp (Samba (v6)) ALLOW IN 13/tcp
940 80/tcp (Apache (v6)) ALLOW IN 88/tcp
941 2001:db8::/32 137,138/udp (Samba) ALLOW IN Anywhere (v6)
942 2001:db8::/32 139,445/tcp (Samba) ALLOW IN Anywhere (v6)
943@@ -129,8 +129,8 @@ Anywhere (v6) ALLOW IN 2001:db8::/32 137,138/udp (Samba)
944 Anywhere (v6) ALLOW IN 2001:db8::/32 139,445/tcp (Samba)
945 2001:db8::/32 137,138/udp (Samba) ALLOW IN 2001:db8::/32 53/udp (Bind9)
946 2001:db8::/32 139,445/tcp (Samba) ALLOW IN 2001:db8::/32 53/tcp (Bind9)
947-2001:db8::/32 137,138/udp (Samba) ALLOW IN 2001:db8::/32 22/udp
948-2001:db8::/32 139,445/tcp (Samba) ALLOW IN 2001:db8::/32 22/tcp
949+2001:db8::/32 137,138/udp (Samba) ALLOW IN 2001:db8::/32 13/udp
950+2001:db8::/32 139,445/tcp (Samba) ALLOW IN 2001:db8::/32 13/tcp
951 2001:db8::/32 80/tcp (Apache) ALLOW IN 2001:db8::/32 88/tcp
952
953
954@@ -159,7 +159,7 @@ Rule deleted
955 Rule deleted (v6)
956
957
958-19: delete allow to any app Samba from any port 22
959+19: delete allow to any app Samba from any port 13
960 WARN: Checks disabled
961 Rule deleted
962 Rule deleted (v6)
963@@ -186,7 +186,7 @@ WARN: Checks disabled
964 Rule deleted (v6)
965
966
967-24: delete allow to 2001:db8::/32 app Samba from 2001:db8::/32 port 22
968+24: delete allow to 2001:db8::/32 app Samba from 2001:db8::/32 port 13
969 WARN: Checks disabled
970 Rule deleted (v6)
971
972@@ -228,7 +228,7 @@ WARN: Checks disabled
973 Rule added
974
975
976-33: allow to any app Samba from any port 22
977+33: allow to any app Samba from any port 13
978 WARN: Checks disabled
979 Rule added
980
981@@ -253,7 +253,7 @@ WARN: Checks disabled
982 Rule added
983
984
985-38: allow to 192.168.2.0/24 app Samba from 192.168.2.0/24 port 22
986+38: allow to 192.168.2.0/24 app Samba from 192.168.2.0/24 port 13
987 WARN: Checks disabled
988 Rule added
989
990@@ -273,12 +273,12 @@ Apache ALLOW Anywhere
991 Samba ALLOW Anywhere
992 Anywhere ALLOW Samba
993 Samba ALLOW Bind9
994-Samba ALLOW 22
995+Samba ALLOW 13
996 Apache ALLOW 88
997 192.168.2.0/24 Samba ALLOW Anywhere
998 Anywhere ALLOW 192.168.2.0/24 Samba
999 192.168.2.0/24 Samba ALLOW 192.168.2.0/24 Bind9
1000-192.168.2.0/24 Samba ALLOW 192.168.2.0/24 22
1001+192.168.2.0/24 Samba ALLOW 192.168.2.0/24 13
1002 192.168.2.0/24 Apache ALLOW 192.168.2.0/24 88
1003
1004
1005@@ -299,8 +299,8 @@ Anywhere ALLOW IN 137,138/udp (Samba)
1006 Anywhere ALLOW IN 139,445/tcp (Samba)
1007 137,138/udp (Samba) ALLOW IN 53/udp (Bind9)
1008 139,445/tcp (Samba) ALLOW IN 53/tcp (Bind9)
1009-137,138/udp (Samba) ALLOW IN 22/udp
1010-139,445/tcp (Samba) ALLOW IN 22/tcp
1011+137,138/udp (Samba) ALLOW IN 13/udp
1012+139,445/tcp (Samba) ALLOW IN 13/tcp
1013 80/tcp (Apache) ALLOW IN 88/tcp
1014 192.168.2.0/24 137,138/udp (Samba) ALLOW IN Anywhere
1015 192.168.2.0/24 139,445/tcp (Samba) ALLOW IN Anywhere
1016@@ -308,8 +308,8 @@ Anywhere ALLOW IN 192.168.2.0/24 137,138/udp (Samba)
1017 Anywhere ALLOW IN 192.168.2.0/24 139,445/tcp (Samba)
1018 192.168.2.0/24 137,138/udp (Samba) ALLOW IN 192.168.2.0/24 53/udp (Bind9)
1019 192.168.2.0/24 139,445/tcp (Samba) ALLOW IN 192.168.2.0/24 53/tcp (Bind9)
1020-192.168.2.0/24 137,138/udp (Samba) ALLOW IN 192.168.2.0/24 22/udp
1021-192.168.2.0/24 139,445/tcp (Samba) ALLOW IN 192.168.2.0/24 22/tcp
1022+192.168.2.0/24 137,138/udp (Samba) ALLOW IN 192.168.2.0/24 13/udp
1023+192.168.2.0/24 139,445/tcp (Samba) ALLOW IN 192.168.2.0/24 13/tcp
1024 192.168.2.0/24 80/tcp (Apache) ALLOW IN 192.168.2.0/24 88/tcp
1025
1026
1027@@ -334,7 +334,7 @@ WARN: Checks disabled
1028 Rule deleted
1029
1030
1031-46: delete allow to any app Samba from any port 22
1032+46: delete allow to any app Samba from any port 13
1033 WARN: Checks disabled
1034 Rule deleted
1035
1036@@ -359,7 +359,7 @@ WARN: Checks disabled
1037 Rule deleted
1038
1039
1040-51: delete allow to 192.168.2.0/24 app Samba from 192.168.2.0/24 port 22
1041+51: delete allow to 192.168.2.0/24 app Samba from 192.168.2.0/24 port 13
1042 WARN: Checks disabled
1043 Rule deleted
1044
1045@@ -406,7 +406,7 @@ Rule added
1046 Rule added (v6)
1047
1048
1049-60: allow to any app Samba from any port 22
1050+60: allow to any app Samba from any port 13
1051 WARN: Checks disabled
1052 Rule added
1053 Rule added (v6)
1054@@ -433,7 +433,7 @@ WARN: Checks disabled
1055 Rule added (v6)
1056
1057
1058-65: allow to 2001:db8::/32 app Samba from 2001:db8::/32 port 22
1059+65: allow to 2001:db8::/32 app Samba from 2001:db8::/32 port 13
1060 WARN: Checks disabled
1061 Rule added (v6)
1062
1063@@ -453,18 +453,18 @@ Apache ALLOW Anywhere
1064 Samba ALLOW Anywhere
1065 Anywhere ALLOW Samba
1066 Samba ALLOW Bind9
1067-Samba ALLOW 22
1068+Samba ALLOW 13
1069 Apache ALLOW 88
1070 Apache (v6) ALLOW Anywhere (v6)
1071 Samba (v6) ALLOW Anywhere (v6)
1072 Anywhere (v6) ALLOW Samba (v6)
1073 Samba (v6) ALLOW Bind9 (v6)
1074-Samba (v6) ALLOW 22
1075+Samba (v6) ALLOW 13
1076 Apache (v6) ALLOW 88
1077 2001:db8::/32 Samba ALLOW Anywhere (v6)
1078 Anywhere (v6) ALLOW 2001:db8::/32 Samba
1079 2001:db8::/32 Samba ALLOW 2001:db8::/32 Bind9
1080-2001:db8::/32 Samba ALLOW 2001:db8::/32 22
1081+2001:db8::/32 Samba ALLOW 2001:db8::/32 13
1082 2001:db8::/32 Apache ALLOW 2001:db8::/32 88
1083
1084
1085@@ -485,8 +485,8 @@ Anywhere ALLOW IN 137,138/udp (Samba)
1086 Anywhere ALLOW IN 139,445/tcp (Samba)
1087 137,138/udp (Samba) ALLOW IN 53/udp (Bind9)
1088 139,445/tcp (Samba) ALLOW IN 53/tcp (Bind9)
1089-137,138/udp (Samba) ALLOW IN 22/udp
1090-139,445/tcp (Samba) ALLOW IN 22/tcp
1091+137,138/udp (Samba) ALLOW IN 13/udp
1092+139,445/tcp (Samba) ALLOW IN 13/tcp
1093 80/tcp (Apache) ALLOW IN 88/tcp
1094 80/tcp (Apache (v6)) ALLOW IN Anywhere (v6)
1095 137,138/udp (Samba (v6)) ALLOW IN Anywhere (v6)
1096@@ -495,8 +495,8 @@ Anywhere (v6) ALLOW IN 137,138/udp (Samba (v6))
1097 Anywhere (v6) ALLOW IN 139,445/tcp (Samba (v6))
1098 137,138/udp (Samba (v6)) ALLOW IN 53/udp (Bind9 (v6))
1099 139,445/tcp (Samba (v6)) ALLOW IN 53/tcp (Bind9 (v6))
1100-137,138/udp (Samba (v6)) ALLOW IN 22/udp
1101-139,445/tcp (Samba (v6)) ALLOW IN 22/tcp
1102+137,138/udp (Samba (v6)) ALLOW IN 13/udp
1103+139,445/tcp (Samba (v6)) ALLOW IN 13/tcp
1104 80/tcp (Apache (v6)) ALLOW IN 88/tcp
1105 2001:db8::/32 137,138/udp (Samba) ALLOW IN Anywhere (v6)
1106 2001:db8::/32 139,445/tcp (Samba) ALLOW IN Anywhere (v6)
1107@@ -504,8 +504,8 @@ Anywhere (v6) ALLOW IN 2001:db8::/32 137,138/udp (Samba)
1108 Anywhere (v6) ALLOW IN 2001:db8::/32 139,445/tcp (Samba)
1109 2001:db8::/32 137,138/udp (Samba) ALLOW IN 2001:db8::/32 53/udp (Bind9)
1110 2001:db8::/32 139,445/tcp (Samba) ALLOW IN 2001:db8::/32 53/tcp (Bind9)
1111-2001:db8::/32 137,138/udp (Samba) ALLOW IN 2001:db8::/32 22/udp
1112-2001:db8::/32 139,445/tcp (Samba) ALLOW IN 2001:db8::/32 22/tcp
1113+2001:db8::/32 137,138/udp (Samba) ALLOW IN 2001:db8::/32 13/udp
1114+2001:db8::/32 139,445/tcp (Samba) ALLOW IN 2001:db8::/32 13/tcp
1115 2001:db8::/32 80/tcp (Apache) ALLOW IN 2001:db8::/32 88/tcp
1116
1117
1118@@ -532,18 +532,18 @@ Apache ALLOW Anywhere
1119 Samba ALLOW Anywhere
1120 Anywhere ALLOW Samba
1121 Samba ALLOW Bind9
1122-Samba ALLOW 22
1123+Samba ALLOW 13
1124 Apache ALLOW 88
1125 Apache (v6) ALLOW Anywhere (v6)
1126 Samba (v6) ALLOW Anywhere (v6)
1127 Anywhere (v6) ALLOW Samba (v6)
1128 Samba (v6) ALLOW Bind9 (v6)
1129-Samba (v6) ALLOW 22
1130+Samba (v6) ALLOW 13
1131 Apache (v6) ALLOW 88
1132 2001:db8::/32 Samba ALLOW Anywhere (v6)
1133 Anywhere (v6) ALLOW 2001:db8::/32 Samba
1134 2001:db8::/32 Samba ALLOW 2001:db8::/32 Bind9
1135-2001:db8::/32 Samba ALLOW 2001:db8::/32 22
1136+2001:db8::/32 Samba ALLOW 2001:db8::/32 13
1137 2001:db8::/32 Apache ALLOW 2001:db8::/32 88
1138
1139
1140@@ -564,8 +564,8 @@ Anywhere ALLOW IN 138,9999/udp (Samba)
1141 Anywhere ALLOW IN 139,445/tcp (Samba)
1142 138,9999/udp (Samba) ALLOW IN 53/udp (Bind9)
1143 139,445/tcp (Samba) ALLOW IN 53/tcp (Bind9)
1144-138,9999/udp (Samba) ALLOW IN 22/udp
1145-139,445/tcp (Samba) ALLOW IN 22/tcp
1146+138,9999/udp (Samba) ALLOW IN 13/udp
1147+139,445/tcp (Samba) ALLOW IN 13/tcp
1148 8888/tcp (Apache) ALLOW IN 88/tcp
1149 8888/tcp (Apache (v6)) ALLOW IN Anywhere (v6)
1150 138,9999/udp (Samba (v6)) ALLOW IN Anywhere (v6)
1151@@ -574,8 +574,8 @@ Anywhere (v6) ALLOW IN 138,9999/udp (Samba (v6))
1152 Anywhere (v6) ALLOW IN 139,445/tcp (Samba (v6))
1153 138,9999/udp (Samba (v6)) ALLOW IN 53/udp (Bind9 (v6))
1154 139,445/tcp (Samba (v6)) ALLOW IN 53/tcp (Bind9 (v6))
1155-138,9999/udp (Samba (v6)) ALLOW IN 22/udp
1156-139,445/tcp (Samba (v6)) ALLOW IN 22/tcp
1157+138,9999/udp (Samba (v6)) ALLOW IN 13/udp
1158+139,445/tcp (Samba (v6)) ALLOW IN 13/tcp
1159 8888/tcp (Apache (v6)) ALLOW IN 88/tcp
1160 2001:db8::/32 138,9999/udp (Samba) ALLOW IN Anywhere (v6)
1161 2001:db8::/32 139,445/tcp (Samba) ALLOW IN Anywhere (v6)
1162@@ -583,8 +583,8 @@ Anywhere (v6) ALLOW IN 2001:db8::/32 138,9999/udp (Samba)
1163 Anywhere (v6) ALLOW IN 2001:db8::/32 139,445/tcp (Samba)
1164 2001:db8::/32 138,9999/udp (Samba) ALLOW IN 2001:db8::/32 53/udp (Bind9)
1165 2001:db8::/32 139,445/tcp (Samba) ALLOW IN 2001:db8::/32 53/tcp (Bind9)
1166-2001:db8::/32 138,9999/udp (Samba) ALLOW IN 2001:db8::/32 22/udp
1167-2001:db8::/32 139,445/tcp (Samba) ALLOW IN 2001:db8::/32 22/tcp
1168+2001:db8::/32 138,9999/udp (Samba) ALLOW IN 2001:db8::/32 13/udp
1169+2001:db8::/32 139,445/tcp (Samba) ALLOW IN 2001:db8::/32 13/tcp
1170 2001:db8::/32 8888/tcp (Apache) ALLOW IN 2001:db8::/32 88/tcp
1171
1172
1173@@ -613,7 +613,7 @@ Rule deleted
1174 Rule deleted (v6)
1175
1176
1177-77: delete allow to any app Samba from any port 22
1178+77: delete allow to any app Samba from any port 13
1179 WARN: Checks disabled
1180 Rule deleted
1181 Rule deleted (v6)
1182@@ -640,7 +640,7 @@ WARN: Checks disabled
1183 Rule deleted (v6)
1184
1185
1186-82: delete allow to 2001:db8::/32 app Samba from 2001:db8::/32 port 22
1187+82: delete allow to 2001:db8::/32 app Samba from 2001:db8::/32 port 13
1188 WARN: Checks disabled
1189 Rule deleted (v6)
1190
1191@@ -682,7 +682,7 @@ WARN: Checks disabled
1192 Rule added
1193
1194
1195-91: allow to any app Samba from any port 22
1196+91: allow to any app Samba from any port 13
1197 WARN: Checks disabled
1198 Rule added
1199
1200@@ -707,7 +707,7 @@ WARN: Checks disabled
1201 Rule added
1202
1203
1204-96: allow to 192.168.2.0/24 app Samba from 192.168.2.0/24 port 22
1205+96: allow to 192.168.2.0/24 app Samba from 192.168.2.0/24 port 13
1206 WARN: Checks disabled
1207 Rule added
1208
1209@@ -727,12 +727,12 @@ Apache ALLOW Anywhere
1210 Samba ALLOW Anywhere
1211 Anywhere ALLOW Samba
1212 Samba ALLOW Bind9
1213-Samba ALLOW 22
1214+Samba ALLOW 13
1215 Apache ALLOW 88
1216 192.168.2.0/24 Samba ALLOW Anywhere
1217 Anywhere ALLOW 192.168.2.0/24 Samba
1218 192.168.2.0/24 Samba ALLOW 192.168.2.0/24 Bind9
1219-192.168.2.0/24 Samba ALLOW 192.168.2.0/24 22
1220+192.168.2.0/24 Samba ALLOW 192.168.2.0/24 13
1221 192.168.2.0/24 Apache ALLOW 192.168.2.0/24 88
1222
1223
1224@@ -753,8 +753,8 @@ Anywhere ALLOW IN 137,138/udp (Samba)
1225 Anywhere ALLOW IN 139,445/tcp (Samba)
1226 137,138/udp (Samba) ALLOW IN 53/udp (Bind9)
1227 139,445/tcp (Samba) ALLOW IN 53/tcp (Bind9)
1228-137,138/udp (Samba) ALLOW IN 22/udp
1229-139,445/tcp (Samba) ALLOW IN 22/tcp
1230+137,138/udp (Samba) ALLOW IN 13/udp
1231+139,445/tcp (Samba) ALLOW IN 13/tcp
1232 80/tcp (Apache) ALLOW IN 88/tcp
1233 192.168.2.0/24 137,138/udp (Samba) ALLOW IN Anywhere
1234 192.168.2.0/24 139,445/tcp (Samba) ALLOW IN Anywhere
1235@@ -762,8 +762,8 @@ Anywhere ALLOW IN 192.168.2.0/24 137,138/udp (Samba)
1236 Anywhere ALLOW IN 192.168.2.0/24 139,445/tcp (Samba)
1237 192.168.2.0/24 137,138/udp (Samba) ALLOW IN 192.168.2.0/24 53/udp (Bind9)
1238 192.168.2.0/24 139,445/tcp (Samba) ALLOW IN 192.168.2.0/24 53/tcp (Bind9)
1239-192.168.2.0/24 137,138/udp (Samba) ALLOW IN 192.168.2.0/24 22/udp
1240-192.168.2.0/24 139,445/tcp (Samba) ALLOW IN 192.168.2.0/24 22/tcp
1241+192.168.2.0/24 137,138/udp (Samba) ALLOW IN 192.168.2.0/24 13/udp
1242+192.168.2.0/24 139,445/tcp (Samba) ALLOW IN 192.168.2.0/24 13/tcp
1243 192.168.2.0/24 80/tcp (Apache) ALLOW IN 192.168.2.0/24 88/tcp
1244
1245
1246@@ -790,12 +790,12 @@ Apache ALLOW Anywhere
1247 Samba ALLOW Anywhere
1248 Anywhere ALLOW Samba
1249 Samba ALLOW Bind9
1250-Samba ALLOW 22
1251+Samba ALLOW 13
1252 Apache ALLOW 88
1253 192.168.2.0/24 Samba ALLOW Anywhere
1254 Anywhere ALLOW 192.168.2.0/24 Samba
1255 192.168.2.0/24 Samba ALLOW 192.168.2.0/24 Bind9
1256-192.168.2.0/24 Samba ALLOW 192.168.2.0/24 22
1257+192.168.2.0/24 Samba ALLOW 192.168.2.0/24 13
1258 192.168.2.0/24 Apache ALLOW 192.168.2.0/24 88
1259
1260
1261@@ -816,8 +816,8 @@ Anywhere ALLOW IN 138,9999/udp (Samba)
1262 Anywhere ALLOW IN 139,445/tcp (Samba)
1263 138,9999/udp (Samba) ALLOW IN 53/udp (Bind9)
1264 139,445/tcp (Samba) ALLOW IN 53/tcp (Bind9)
1265-138,9999/udp (Samba) ALLOW IN 22/udp
1266-139,445/tcp (Samba) ALLOW IN 22/tcp
1267+138,9999/udp (Samba) ALLOW IN 13/udp
1268+139,445/tcp (Samba) ALLOW IN 13/tcp
1269 8888/tcp (Apache) ALLOW IN 88/tcp
1270 192.168.2.0/24 138,9999/udp (Samba) ALLOW IN Anywhere
1271 192.168.2.0/24 139,445/tcp (Samba) ALLOW IN Anywhere
1272@@ -825,8 +825,8 @@ Anywhere ALLOW IN 192.168.2.0/24 138,9999/udp (Samba)
1273 Anywhere ALLOW IN 192.168.2.0/24 139,445/tcp (Samba)
1274 192.168.2.0/24 138,9999/udp (Samba) ALLOW IN 192.168.2.0/24 53/udp (Bind9)
1275 192.168.2.0/24 139,445/tcp (Samba) ALLOW IN 192.168.2.0/24 53/tcp (Bind9)
1276-192.168.2.0/24 138,9999/udp (Samba) ALLOW IN 192.168.2.0/24 22/udp
1277-192.168.2.0/24 139,445/tcp (Samba) ALLOW IN 192.168.2.0/24 22/tcp
1278+192.168.2.0/24 138,9999/udp (Samba) ALLOW IN 192.168.2.0/24 13/udp
1279+192.168.2.0/24 139,445/tcp (Samba) ALLOW IN 192.168.2.0/24 13/tcp
1280 192.168.2.0/24 8888/tcp (Apache) ALLOW IN 192.168.2.0/24 88/tcp
1281
1282
1283@@ -851,7 +851,7 @@ WARN: Checks disabled
1284 Rule deleted
1285
1286
1287-108: delete allow to any app Samba from any port 22
1288+108: delete allow to any app Samba from any port 13
1289 WARN: Checks disabled
1290 Rule deleted
1291
1292@@ -876,7 +876,7 @@ WARN: Checks disabled
1293 Rule deleted
1294
1295
1296-113: delete allow to 192.168.2.0/24 app Samba from 192.168.2.0/24 port 22
1297+113: delete allow to 192.168.2.0/24 app Samba from 192.168.2.0/24 port 13
1298 WARN: Checks disabled
1299 Rule deleted
1300
1301@@ -1356,7 +1356,7 @@ WARN: Checks disabled
1302 Rule added
1303
1304
1305-164: allow 22
1306+164: allow 13
1307 WARN: Checks disabled
1308 Rule added
1309
1310@@ -1435,9 +1435,9 @@ Rule inserted
1311 ### tuple ### allow tcp 139,445 10.0.0.1 any 192.168.0.1 Samba - in
1312 -A ufw-user-input -p tcp -m multiport --dports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j ACCEPT -m comment --comment 'dapp_Samba'
1313
1314-### tuple ### allow any 22 0.0.0.0/0 any 0.0.0.0/0 in
1315--A ufw-user-input -p tcp --dport 22 -j ACCEPT
1316--A ufw-user-input -p udp --dport 22 -j ACCEPT
1317+### tuple ### allow any 13 0.0.0.0/0 any 0.0.0.0/0 in
1318+-A ufw-user-input -p tcp --dport 13 -j ACCEPT
1319+-A ufw-user-input -p udp --dport 13 -j ACCEPT
1320
1321 ### END RULES ###
1322
1323@@ -1488,7 +1488,7 @@ WARN: Checks disabled
1324 Rule deleted
1325
1326
1327-173: delete allow 22
1328+173: delete allow 13
1329 WARN: Checks disabled
1330 Rule deleted
1331
1332@@ -1799,7 +1799,7 @@ Rule added
1333 Rule added (v6)
1334
1335
1336-192: allow 22
1337+192: allow 13
1338 WARN: Checks disabled
1339 Rule added
1340 Rule added (v6)
1341@@ -1880,9 +1880,9 @@ Rule inserted
1342 ### tuple ### allow tcp 139,445 10.0.0.1 any 192.168.0.1 Samba - in
1343 -A ufw-user-input -p tcp -m multiport --dports 139,445 -d 10.0.0.1 -s 192.168.0.1 -j ACCEPT -m comment --comment 'dapp_Samba'
1344
1345-### tuple ### allow any 22 0.0.0.0/0 any 0.0.0.0/0 in
1346--A ufw-user-input -p tcp --dport 22 -j ACCEPT
1347--A ufw-user-input -p udp --dport 22 -j ACCEPT
1348+### tuple ### allow any 13 0.0.0.0/0 any 0.0.0.0/0 in
1349+-A ufw-user-input -p tcp --dport 13 -j ACCEPT
1350+-A ufw-user-input -p udp --dport 13 -j ACCEPT
1351
1352 ### END RULES ###
1353
1354@@ -1923,9 +1923,9 @@ COMMIT
1355 ### tuple ### allow tcp 139,445 ::/0 any ::/0 Samba - in
1356 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
1357
1358-### tuple ### allow any 22 ::/0 any ::/0 in
1359--A ufw6-user-input -p tcp --dport 22 -j ACCEPT
1360--A ufw6-user-input -p udp --dport 22 -j ACCEPT
1361+### tuple ### allow any 13 ::/0 any ::/0 in
1362+-A ufw6-user-input -p tcp --dport 13 -j ACCEPT
1363+-A ufw6-user-input -p udp --dport 13 -j ACCEPT
1364
1365 ### END RULES ###
1366
1367@@ -1949,7 +1949,7 @@ Rule deleted
1368 Rule deleted (v6)
1369
1370
1371-201: delete allow 22
1372+201: delete allow 13
1373 WARN: Checks disabled
1374 Rule deleted
1375 Rule deleted (v6)
1376@@ -2606,7 +2606,7 @@ Setting IPV6 to yes
1377 278: allow Samba
1378
1379
1380-279: allow 22/tcp
1381+279: allow 13/tcp
1382
1383
1384 ### tuple ### allow udp any 0.0.0.0/0 137,138 0.0.0.0/0 - Samba in
1385@@ -2621,8 +2621,8 @@ Setting IPV6 to yes
1386 ### tuple ### allow tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
1387 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
1388
1389-### tuple ### allow tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
1390--A ufw-user-input -p tcp --dport 22 -j ACCEPT
1391+### tuple ### allow tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
1392+-A ufw-user-input -p tcp --dport 13 -j ACCEPT
1393
1394 ### tuple ### allow udp any ::/0 137,138 ::/0 - Samba in
1395 -A ufw6-user-input -p udp -m multiport --sports 137,138 -j ACCEPT -m comment --comment 'sapp_Samba'
1396@@ -2636,8 +2636,8 @@ Setting IPV6 to yes
1397 ### tuple ### allow tcp 139,445 ::/0 any ::/0 Samba - in
1398 -A ufw6-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
1399
1400-### tuple ### allow tcp 22 ::/0 any ::/0 in
1401--A ufw6-user-input -p tcp --dport 22 -j ACCEPT
1402+### tuple ### allow tcp 13 ::/0 any ::/0 in
1403+-A ufw6-user-input -p tcp --dport 13 -j ACCEPT
1404
1405 280: --force delete 6
1406
1407@@ -2706,7 +2706,7 @@ Setting IPV6 to no
1408 289: allow Samba
1409
1410
1411-290: allow 22/tcp
1412+290: allow 13/tcp
1413
1414
1415 ### tuple ### allow udp any 0.0.0.0/0 137,138 0.0.0.0/0 - Samba in
1416@@ -2721,8 +2721,8 @@ Setting IPV6 to no
1417 ### tuple ### allow tcp 139,445 0.0.0.0/0 any 0.0.0.0/0 Samba - in
1418 -A ufw-user-input -p tcp -m multiport --dports 139,445 -j ACCEPT -m comment --comment 'dapp_Samba'
1419
1420-### tuple ### allow tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
1421--A ufw-user-input -p tcp --dport 22 -j ACCEPT
1422+### tuple ### allow tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
1423+-A ufw-user-input -p tcp --dport 13 -j ACCEPT
1424
1425 291: --force delete 3
1426
1427diff --git a/tests/root/live_apps/runtest.sh b/tests/root/live_apps/runtest.sh
1428index 04bbde3..5feb86c 100755
1429--- a/tests/root/live_apps/runtest.sh
1430+++ b/tests/root/live_apps/runtest.sh
1431@@ -51,7 +51,7 @@ do
1432 do_cmd "0" allow to $loc app Samba
1433 do_cmd "0" allow from $loc app Samba
1434 do_cmd "0" allow to $loc app Samba from $loc app Bind9
1435- do_cmd "0" allow to $loc app Samba from $loc port 22
1436+ do_cmd "0" allow to $loc app Samba from $loc port 13
1437 do_cmd "0" allow to $loc app Apache from $loc port 88
1438 done
1439 do_cmd "0" status
1440@@ -78,7 +78,7 @@ do
1441 do_cmd "0" delete allow to $loc app Samba
1442 do_cmd "0" delete allow from $loc app Samba
1443 do_cmd "0" delete allow to $loc app Samba from $loc app Bind9
1444- do_cmd "0" delete allow to $loc app Samba from $loc port 22
1445+ do_cmd "0" delete allow to $loc app Samba from $loc port 13
1446 do_cmd "0" delete allow to $loc app Apache from $loc port 88
1447 done
1448 do_cmd "0" status
1449@@ -188,7 +188,7 @@ for ipv6 in no yes ; do
1450 cat $TESTSTATE/user6.rules >> $TESTTMP/result
1451
1452 do_cmd "0" allow Samba
1453- do_cmd "0" allow 22
1454+ do_cmd "0" allow 13
1455 do_cmd "0" insert 2 allow from any to any app Samba
1456 do_cmd "0" insert 2 allow from 192.168.0.1 to 10.0.0.1 app Samba
1457 do_cmd "0" insert 2 allow from 192.168.0.1 to any app Samba
1458@@ -209,7 +209,7 @@ for ipv6 in no yes ; do
1459 }
1460
1461 do_cmd "0" delete allow Samba
1462- do_cmd "0" delete allow 22
1463+ do_cmd "0" delete allow 13
1464 do_cmd "0" delete allow from any to any app Samba
1465 do_cmd "0" delete allow from 192.168.0.1 to 10.0.0.1 app Samba
1466 do_cmd "0" delete allow from 192.168.0.1 to any app Samba
1467@@ -258,7 +258,7 @@ do
1468
1469 do_cmd "0" nostats allow from any app Samba
1470 do_cmd "0" nostats allow Samba
1471- do_cmd "0" nostats allow 22/tcp
1472+ do_cmd "0" nostats allow 13/tcp
1473
1474 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
1475 if [ "$ipv6" = "yes" ]; then
1476@@ -267,16 +267,16 @@ do
1477
1478 if [ "$ipv6" = "yes" ]; then
1479 do_cmd "0" null --force delete 6
1480- grep -v -q "^### tuple ### allow any 22 " $TESTSTATE/user6.rules || {
1481- echo "Failed: Found port '22' in user6.rules" >> $TESTTMP/result
1482+ grep -v -q "^### tuple ### allow any 13 " $TESTSTATE/user6.rules || {
1483+ echo "Failed: Found port '13' in user6.rules" >> $TESTTMP/result
1484 exit 1
1485 }
1486 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
1487 fi
1488
1489 do_cmd "0" null --force delete 3
1490- grep -v -q "^### tuple ### allow any 22 " $TESTSTATE/user.rules || {
1491- echo "Failed: Found port '22' in user.rules" >> $TESTTMP/result
1492+ grep -v -q "^### tuple ### allow any 13 " $TESTSTATE/user.rules || {
1493+ echo "Failed: Found port '13' in user.rules" >> $TESTTMP/result
1494 exit 1
1495 }
1496 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
1497diff --git a/tests/root/valid/result b/tests/root/valid/result
1498index 320a728..752b6f2 100644
1499--- a/tests/root/valid/result
1500+++ b/tests/root/valid/result
1501@@ -215,7 +215,7 @@ Rules updated
1502 ### tuple ### deny tcp 25 192.168.0.1 any 10.0.0.0/8 in
1503 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
1504
1505-26: limit 22/tcp
1506+26: limit 13/tcp
1507 WARN: Checks disabled
1508 Rules updated
1509
1510@@ -233,9 +233,9 @@ Rules updated
1511 ### tuple ### deny tcp 25 192.168.0.1 any 10.0.0.0/8 in
1512 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
1513
1514-### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
1515--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
1516--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1517+### tuple ### limit tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
1518+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --set
1519+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1520 27: deny 53
1521 WARN: Checks disabled
1522 Rules updated
1523@@ -254,9 +254,9 @@ Rules updated
1524 ### tuple ### deny tcp 25 192.168.0.1 any 10.0.0.0/8 in
1525 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
1526
1527-### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
1528--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
1529--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1530+### tuple ### limit tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
1531+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --set
1532+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1533 28: allow 80/tcp
1534 WARN: Checks disabled
1535 Rules updated
1536@@ -275,9 +275,9 @@ Rules updated
1537 ### tuple ### deny tcp 25 192.168.0.1 any 10.0.0.0/8 in
1538 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
1539
1540-### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
1541--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
1542--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1543+### tuple ### limit tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
1544+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --set
1545+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1546 29: allow from 10.0.0.0/8
1547 WARN: Checks disabled
1548 Rules updated
1549@@ -296,9 +296,9 @@ Rules updated
1550 ### tuple ### deny tcp 25 192.168.0.1 any 10.0.0.0/8 in
1551 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
1552
1553-### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
1554--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
1555--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1556+### tuple ### limit tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
1557+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --set
1558+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1559 --
1560 ### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
1561 -A ufw-user-input -s 10.0.0.0/8 -j ACCEPT
1562@@ -321,9 +321,9 @@ Rules updated
1563 ### tuple ### deny tcp 25 192.168.0.1 any 10.0.0.0/8 in
1564 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
1565
1566-### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
1567--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
1568--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1569+### tuple ### limit tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
1570+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --set
1571+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1572 --
1573 ### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
1574 -A ufw-user-input -s 10.0.0.0/8 -j ACCEPT
1575@@ -349,9 +349,9 @@ Rules updated
1576 ### tuple ### deny tcp 25 192.168.0.1 any 10.0.0.0/8 in
1577 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
1578
1579-### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
1580--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
1581--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1582+### tuple ### limit tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
1583+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --set
1584+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1585 --
1586 ### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
1587 -A ufw-user-input -s 10.0.0.0/8 -j ACCEPT
1588@@ -380,9 +380,9 @@ Rules updated
1589 ### tuple ### deny tcp 25 192.168.0.1 any 10.0.0.0/8 in
1590 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
1591
1592-### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
1593--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
1594--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1595+### tuple ### limit tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
1596+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --set
1597+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1598 --
1599 ### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
1600 -A ufw-user-input -s 10.0.0.0/8 -j ACCEPT
1601@@ -414,9 +414,9 @@ Rules updated
1602 ### tuple ### deny tcp 25 192.168.0.1 any 10.0.0.0/8 in
1603 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
1604
1605-### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
1606--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
1607--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1608+### tuple ### limit tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
1609+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --set
1610+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1611 --
1612 ### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
1613 -A ufw-user-input -s 10.0.0.0/8 -j ACCEPT
1614@@ -451,9 +451,9 @@ Rules updated
1615 ### tuple ### deny tcp 25 192.168.0.1 any 10.0.0.0/8 in
1616 -A ufw-user-input -p tcp -d 192.168.0.1 --dport 25 -s 10.0.0.0/8 -j DROP
1617
1618-### tuple ### limit tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
1619--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --set
1620--A ufw-user-input -p tcp --dport 22 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1621+### tuple ### limit tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
1622+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --set
1623+-A ufw-user-input -p tcp --dport 13 -m conntrack --ctstate NEW -m recent --update --seconds 30 --hitcount 6 -j ufw-user-limit
1624 --
1625 ### tuple ### allow any any 0.0.0.0/0 any 10.0.0.0/8 in
1626 -A ufw-user-input -s 10.0.0.0/8 -j ACCEPT
1627@@ -483,7 +483,7 @@ WARN: Checks disabled
1628 Rules updated
1629
1630
1631-37: delete limit 22/tcp
1632+37: delete limit 13/tcp
1633 WARN: Checks disabled
1634 Rules updated
1635
1636@@ -659,41 +659,41 @@ WARN: Checks disabled
1637 Rules updated
1638
1639
1640-66: allow ssh
1641+66: allow daytime
1642 WARN: Checks disabled
1643 Rules updated
1644
1645
1646-### tuple ### allow any 22 0.0.0.0/0 any 0.0.0.0/0 in
1647--A ufw-user-input -p tcp --dport 22 -j ACCEPT
1648--A ufw-user-input -p udp --dport 22 -j ACCEPT
1649-67: delete allow ssh
1650+### tuple ### allow any 13 0.0.0.0/0 any 0.0.0.0/0 in
1651+-A ufw-user-input -p tcp --dport 13 -j ACCEPT
1652+-A ufw-user-input -p udp --dport 13 -j ACCEPT
1653+67: delete allow daytime
1654 WARN: Checks disabled
1655 Rules updated
1656
1657
1658-68: allow ssh/tcp
1659+68: allow daytime/tcp
1660 WARN: Checks disabled
1661 Rules updated
1662
1663
1664-### tuple ### allow tcp 22 0.0.0.0/0 any 0.0.0.0/0 in
1665--A ufw-user-input -p tcp --dport 22 -j ACCEPT
1666+### tuple ### allow tcp 13 0.0.0.0/0 any 0.0.0.0/0 in
1667+-A ufw-user-input -p tcp --dport 13 -j ACCEPT
1668
1669-69: delete allow ssh/tcp
1670+69: delete allow daytime/tcp
1671 WARN: Checks disabled
1672 Rules updated
1673
1674
1675-70: allow ssh/udp
1676+70: allow daytime/udp
1677 WARN: Checks disabled
1678 Rules updated
1679
1680
1681-### tuple ### allow udp 22 0.0.0.0/0 any 0.0.0.0/0 in
1682--A ufw-user-input -p udp --dport 22 -j ACCEPT
1683+### tuple ### allow udp 13 0.0.0.0/0 any 0.0.0.0/0 in
1684+-A ufw-user-input -p udp --dport 13 -j ACCEPT
1685
1686-71: delete allow ssh/udp
1687+71: delete allow daytime/udp
1688 WARN: Checks disabled
1689 Rules updated
1690
1691@@ -1679,28 +1679,28 @@ WARN: Checks disabled
1692 Rules updated
1693
1694
1695-219: allow to any port smtp from any port ssh
1696+219: allow to any port smtp from any port daytime
1697 WARN: Checks disabled
1698 Rules updated
1699
1700
1701-### tuple ### allow tcp 25 0.0.0.0/0 22 0.0.0.0/0 in
1702--A ufw-user-input -p tcp --dport 25 --sport 22 -j ACCEPT
1703+### tuple ### allow tcp 25 0.0.0.0/0 13 0.0.0.0/0 in
1704+-A ufw-user-input -p tcp --dport 25 --sport 13 -j ACCEPT
1705
1706-220: delete allow to any port smtp from any port ssh
1707+220: delete allow to any port smtp from any port daytime
1708 WARN: Checks disabled
1709 Rules updated
1710
1711
1712-221: allow to any port ssh from any port smtp
1713+221: allow to any port daytime from any port smtp
1714 WARN: Checks disabled
1715 Rules updated
1716
1717
1718-### tuple ### allow tcp 22 0.0.0.0/0 25 0.0.0.0/0 in
1719--A ufw-user-input -p tcp --dport 22 --sport 25 -j ACCEPT
1720+### tuple ### allow tcp 13 0.0.0.0/0 25 0.0.0.0/0 in
1721+-A ufw-user-input -p tcp --dport 13 --sport 25 -j ACCEPT
1722
1723-222: delete allow to any port ssh from any port smtp
1724+222: delete allow to any port daytime from any port smtp
1725 WARN: Checks disabled
1726 Rules updated
1727
1728@@ -1744,28 +1744,28 @@ WARN: Checks disabled
1729 Rules updated
1730
1731
1732-229: allow to any port tftp from any port ssh
1733+229: allow to any port tftp from any port daytime
1734 WARN: Checks disabled
1735 Rules updated
1736
1737
1738-### tuple ### allow udp 69 0.0.0.0/0 22 0.0.0.0/0 in
1739--A ufw-user-input -p udp --dport 69 --sport 22 -j ACCEPT
1740+### tuple ### allow udp 69 0.0.0.0/0 13 0.0.0.0/0 in
1741+-A ufw-user-input -p udp --dport 69 --sport 13 -j ACCEPT
1742
1743-230: delete allow to any port tftp from any port ssh
1744+230: delete allow to any port tftp from any port daytime
1745 WARN: Checks disabled
1746 Rules updated
1747
1748
1749-231: allow to any port ssh from any port tftp
1750+231: allow to any port daytime from any port tftp
1751 WARN: Checks disabled
1752 Rules updated
1753
1754
1755-### tuple ### allow udp 22 0.0.0.0/0 69 0.0.0.0/0 in
1756--A ufw-user-input -p udp --dport 22 --sport 69 -j ACCEPT
1757+### tuple ### allow udp 13 0.0.0.0/0 69 0.0.0.0/0 in
1758+-A ufw-user-input -p udp --dport 13 --sport 69 -j ACCEPT
1759
1760-232: delete allow to any port ssh from any port tftp
1761+232: delete allow to any port daytime from any port tftp
1762 WARN: Checks disabled
1763 Rules updated
1764
1765@@ -1796,41 +1796,41 @@ WARN: Checks disabled
1766 Rules updated
1767
1768
1769-237: allow to any port ssh from any port 23
1770+237: allow to any port daytime from any port 23
1771 WARN: Checks disabled
1772 Rules updated
1773
1774
1775-### tuple ### allow any 22 0.0.0.0/0 23 0.0.0.0/0 in
1776--A ufw-user-input -p tcp --dport 22 --sport 23 -j ACCEPT
1777--A ufw-user-input -p udp --dport 22 --sport 23 -j ACCEPT
1778-238: delete allow to any port ssh from any port 23
1779+### tuple ### allow any 13 0.0.0.0/0 23 0.0.0.0/0 in
1780+-A ufw-user-input -p tcp --dport 13 --sport 23 -j ACCEPT
1781+-A ufw-user-input -p udp --dport 13 --sport 23 -j ACCEPT
1782+238: delete allow to any port daytime from any port 23
1783 WARN: Checks disabled
1784 Rules updated
1785
1786
1787-239: allow to any port 23 from any port ssh
1788+239: allow to any port 23 from any port daytime
1789 WARN: Checks disabled
1790 Rules updated
1791
1792
1793-### tuple ### allow any 23 0.0.0.0/0 22 0.0.0.0/0 in
1794--A ufw-user-input -p tcp --dport 23 --sport 22 -j ACCEPT
1795--A ufw-user-input -p udp --dport 23 --sport 22 -j ACCEPT
1796-240: delete allow to any port 23 from any port ssh
1797+### tuple ### allow any 23 0.0.0.0/0 13 0.0.0.0/0 in
1798+-A ufw-user-input -p tcp --dport 23 --sport 13 -j ACCEPT
1799+-A ufw-user-input -p udp --dport 23 --sport 13 -j ACCEPT
1800+240: delete allow to any port 23 from any port daytime
1801 WARN: Checks disabled
1802 Rules updated
1803
1804
1805-241: allow to any port ssh from any port domain
1806+241: allow to any port daytime from any port domain
1807 WARN: Checks disabled
1808 Rules updated
1809
1810
1811-### tuple ### allow any 22 0.0.0.0/0 53 0.0.0.0/0 in
1812--A ufw-user-input -p tcp --dport 22 --sport 53 -j ACCEPT
1813--A ufw-user-input -p udp --dport 22 --sport 53 -j ACCEPT
1814-242: delete allow to any port ssh from any port domain
1815+### tuple ### allow any 13 0.0.0.0/0 53 0.0.0.0/0 in
1816+-A ufw-user-input -p tcp --dport 13 --sport 53 -j ACCEPT
1817+-A ufw-user-input -p udp --dport 13 --sport 53 -j ACCEPT
1818+242: delete allow to any port daytime from any port domain
1819 WARN: Checks disabled
1820 Rules updated
1821
1822@@ -1848,28 +1848,28 @@ WARN: Checks disabled
1823 Rules updated
1824
1825
1826-245: allow to any port smtp from any port ssh proto tcp
1827+245: allow to any port smtp from any port daytime proto tcp
1828 WARN: Checks disabled
1829 Rules updated
1830
1831
1832-### tuple ### allow tcp 25 0.0.0.0/0 22 0.0.0.0/0 in
1833--A ufw-user-input -p tcp --dport 25 --sport 22 -j ACCEPT
1834+### tuple ### allow tcp 25 0.0.0.0/0 13 0.0.0.0/0 in
1835+-A ufw-user-input -p tcp --dport 25 --sport 13 -j ACCEPT
1836
1837-246: delete allow to any port smtp from any port ssh proto tcp
1838+246: delete allow to any port smtp from any port daytime proto tcp
1839 WARN: Checks disabled
1840 Rules updated
1841
1842
1843-247: allow to any port ssh from any port smtp proto tcp
1844+247: allow to any port daytime from any port smtp proto tcp
1845 WARN: Checks disabled
1846 Rules updated
1847
1848
1849-### tuple ### allow tcp 22 0.0.0.0/0 25 0.0.0.0/0 in
1850--A ufw-user-input -p tcp --dport 22 --sport 25 -j ACCEPT
1851+### tuple ### allow tcp 13 0.0.0.0/0 25 0.0.0.0/0 in
1852+-A ufw-user-input -p tcp --dport 13 --sport 25 -j ACCEPT
1853
1854-248: delete allow to any port ssh from any port smtp proto tcp
1855+248: delete allow to any port daytime from any port smtp proto tcp
1856 WARN: Checks disabled
1857 Rules updated
1858
1859@@ -1913,28 +1913,28 @@ WARN: Checks disabled
1860 Rules updated
1861
1862
1863-255: allow to any port tftp from any port ssh proto udp
1864+255: allow to any port tftp from any port daytime proto udp
1865 WARN: Checks disabled
1866 Rules updated
1867
1868
1869-### tuple ### allow udp 69 0.0.0.0/0 22 0.0.0.0/0 in
1870--A ufw-user-input -p udp --dport 69 --sport 22 -j ACCEPT
1871+### tuple ### allow udp 69 0.0.0.0/0 13 0.0.0.0/0 in
1872+-A ufw-user-input -p udp --dport 69 --sport 13 -j ACCEPT
1873
1874-256: delete allow to any port tftp from any port ssh proto udp
1875+256: delete allow to any port tftp from any port daytime proto udp
1876 WARN: Checks disabled
1877 Rules updated
1878
1879
1880-257: allow to any port ssh from any port tftp proto udp
1881+257: allow to any port daytime from any port tftp proto udp
1882 WARN: Checks disabled
1883 Rules updated
1884
1885
1886-### tuple ### allow udp 22 0.0.0.0/0 69 0.0.0.0/0 in
1887--A ufw-user-input -p udp --dport 22 --sport 69 -j ACCEPT
1888+### tuple ### allow udp 13 0.0.0.0/0 69 0.0.0.0/0 in
1889+-A ufw-user-input -p udp --dport 13 --sport 69 -j ACCEPT
1890
1891-258: delete allow to any port ssh from any port tftp proto udp
1892+258: delete allow to any port daytime from any port tftp proto udp
1893 WARN: Checks disabled
1894 Rules updated
1895
1896@@ -1965,80 +1965,80 @@ WARN: Checks disabled
1897 Rules updated
1898
1899
1900-263: allow to any port ssh from any port 23 proto tcp
1901+263: allow to any port daytime from any port 23 proto tcp
1902 WARN: Checks disabled
1903 Rules updated
1904
1905
1906-### tuple ### allow tcp 22 0.0.0.0/0 23 0.0.0.0/0 in
1907--A ufw-user-input -p tcp --dport 22 --sport 23 -j ACCEPT
1908+### tuple ### allow tcp 13 0.0.0.0/0 23 0.0.0.0/0 in
1909+-A ufw-user-input -p tcp --dport 13 --sport 23 -j ACCEPT
1910
1911-264: delete allow to any port ssh from any port 23 proto tcp
1912+264: delete allow to any port daytime from any port 23 proto tcp
1913 WARN: Checks disabled
1914 Rules updated
1915
1916
1917-265: allow to any port 23 from any port ssh proto tcp
1918+265: allow to any port 23 from any port daytime proto tcp
1919 WARN: Checks disabled
1920 Rules updated
1921
1922
1923-### tuple ### allow tcp 23 0.0.0.0/0 22 0.0.0.0/0 in
1924--A ufw-user-input -p tcp --dport 23 --sport 22 -j ACCEPT
1925+### tuple ### allow tcp 23 0.0.0.0/0 13 0.0.0.0/0 in
1926+-A ufw-user-input -p tcp --dport 23 --sport 13 -j ACCEPT
1927
1928-266: delete allow to any port 23 from any port ssh proto tcp
1929+266: delete allow to any port 23 from any port daytime proto tcp
1930 WARN: Checks disabled
1931 Rules updated
1932
1933
1934-267: allow to any port ssh from any port domain proto tcp
1935+267: allow to any port daytime from any port domain proto tcp
1936 WARN: Checks disabled
1937 Rules updated
1938
1939
1940-### tuple ### allow tcp 22 0.0.0.0/0 53 0.0.0.0/0 in
1941--A ufw-user-input -p tcp --dport 22 --sport 53 -j ACCEPT
1942+### tuple ### allow tcp 13 0.0.0.0/0 53 0.0.0.0/0 in
1943+-A ufw-user-input -p tcp --dport 13 --sport 53 -j ACCEPT
1944
1945-268: delete allow to any port ssh from any port domain proto tcp
1946+268: delete allow to any port daytime from any port domain proto tcp
1947 WARN: Checks disabled
1948 Rules updated
1949
1950
1951-269: allow to any port ssh from any port 23 proto udp
1952+269: allow to any port daytime from any port 23 proto udp
1953 WARN: Checks disabled
1954 Rules updated
1955
1956
1957-### tuple ### allow udp 22 0.0.0.0/0 23 0.0.0.0/0 in
1958--A ufw-user-input -p udp --dport 22 --sport 23 -j ACCEPT
1959+### tuple ### allow udp 13 0.0.0.0/0 23 0.0.0.0/0 in
1960+-A ufw-user-input -p udp --dport 13 --sport 23 -j ACCEPT
1961
1962-270: delete allow to any port ssh from any port 23 proto udp
1963+270: delete allow to any port daytime from any port 23 proto udp
1964 WARN: Checks disabled
1965 Rules updated
1966
1967
1968-271: allow to any port 23 from any port ssh proto udp
1969+271: allow to any port 23 from any port daytime proto udp
1970 WARN: Checks disabled
1971 Rules updated
1972
1973
1974-### tuple ### allow udp 23 0.0.0.0/0 22 0.0.0.0/0 in
1975--A ufw-user-input -p udp --dport 23 --sport 22 -j ACCEPT
1976+### tuple ### allow udp 23 0.0.0.0/0 13 0.0.0.0/0 in
1977+-A ufw-user-input -p udp --dport 23 --sport 13 -j ACCEPT
1978
1979-272: delete allow to any port 23 from any port ssh proto udp
1980+272: delete allow to any port 23 from any port daytime proto udp
1981 WARN: Checks disabled
1982 Rules updated
1983
1984
1985-273: allow to any port ssh from any port domain proto udp
1986+273: allow to any port daytime from any port domain proto udp
1987 WARN: Checks disabled
1988 Rules updated
1989
1990
1991-### tuple ### allow udp 22 0.0.0.0/0 53 0.0.0.0/0 in
1992--A ufw-user-input -p udp --dport 22 --sport 53 -j ACCEPT
1993+### tuple ### allow udp 13 0.0.0.0/0 53 0.0.0.0/0 in
1994+-A ufw-user-input -p udp --dport 13 --sport 53 -j ACCEPT
1995
1996-274: delete allow to any port ssh from any port domain proto udp
1997+274: delete allow to any port daytime from any port domain proto udp
1998 WARN: Checks disabled
1999 Rules updated
2000
2001@@ -2196,41 +2196,41 @@ WARN: Checks disabled
2002 Rules updated
2003
2004
2005-297: allow to 192.168.0.1 port 80:83,22 proto tcp
2006+297: allow to 192.168.0.1 port 80:83,13 proto tcp
2007 WARN: Checks disabled
2008 Rules updated
2009
2010
2011-### tuple ### allow tcp 22,80:83 192.168.0.1 any 0.0.0.0/0 in
2012--A ufw-user-input -p tcp -m multiport --dports 22,80:83 -d 192.168.0.1 -j ACCEPT
2013+### tuple ### allow tcp 13,80:83 192.168.0.1 any 0.0.0.0/0 in
2014+-A ufw-user-input -p tcp -m multiport --dports 13,80:83 -d 192.168.0.1 -j ACCEPT
2015
2016-298: delete allow to 192.168.0.1 port 80:83,22 proto tcp
2017+298: delete allow to 192.168.0.1 port 80:83,13 proto tcp
2018 WARN: Checks disabled
2019 Rules updated
2020
2021
2022-299: allow from 192.168.0.1 port 35:39 to 192.168.0.2 port 22 proto tcp
2023+299: allow from 192.168.0.1 port 35:39 to 192.168.0.2 port 13 proto tcp
2024 WARN: Checks disabled
2025 Rules updated
2026
2027
2028-### tuple ### allow tcp 22 192.168.0.2 35:39 192.168.0.1 in
2029--A ufw-user-input -p tcp -m multiport --dports 22 -m multiport --sports 35:39 -d 192.168.0.2 -s 192.168.0.1 -j ACCEPT
2030+### tuple ### allow tcp 13 192.168.0.2 35:39 192.168.0.1 in
2031+-A ufw-user-input -p tcp -m multiport --dports 13 -m multiport --sports 35:39 -d 192.168.0.2 -s 192.168.0.1 -j ACCEPT
2032
2033-300: delete allow from 192.168.0.1 port 35:39 to 192.168.0.2 port 22 proto tcp
2034+300: delete allow from 192.168.0.1 port 35:39 to 192.168.0.2 port 13 proto tcp
2035 WARN: Checks disabled
2036 Rules updated
2037
2038
2039-301: allow to any port 23,21,15:19,22 from any port 24:26 proto udp
2040+301: allow to any port 23,21,15:19,13 from any port 24:26 proto udp
2041 WARN: Checks disabled
2042 Rules updated
2043
2044
2045-### tuple ### allow udp 15:19,21,22,23 0.0.0.0/0 24:26 0.0.0.0/0 in
2046--A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -m multiport --sports 24:26 -j ACCEPT
2047+### tuple ### allow udp 13,15:19,21,23 0.0.0.0/0 24:26 0.0.0.0/0 in
2048+-A ufw-user-input -p udp -m multiport --dports 13,15:19,21,23 -m multiport --sports 24:26 -j ACCEPT
2049
2050-302: delete allow to any port 23,21,15:19,22 from any port 24:26 proto udp
2051+302: delete allow to any port 23,21,15:19,13 from any port 24:26 proto udp
2052 WARN: Checks disabled
2053 Rules updated
2054
2055@@ -2274,15 +2274,15 @@ WARN: Checks disabled
2056 Rules updated
2057
2058
2059-309: deny 23,21,15:19,22/udp
2060+309: deny 23,21,15:19,13/udp
2061 WARN: Checks disabled
2062 Rules updated
2063
2064
2065-### tuple ### deny udp 15:19,21,22,23 0.0.0.0/0 any 0.0.0.0/0 in
2066--A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -j DROP
2067+### tuple ### deny udp 13,15:19,21,23 0.0.0.0/0 any 0.0.0.0/0 in
2068+-A ufw-user-input -p udp -m multiport --dports 13,15:19,21,23 -j DROP
2069
2070-310: delete deny 23,21,15:19,22/udp
2071+310: delete deny 23,21,15:19,13/udp
2072 WARN: Checks disabled
2073 Rules updated
2074
2075diff --git a/tests/root/valid/runtest.sh b/tests/root/valid/runtest.sh
2076index aa03d99..feeacba 100755
2077--- a/tests/root/valid/runtest.sh
2078+++ b/tests/root/valid/runtest.sh
2079@@ -76,7 +76,7 @@ do_cmd "0" deny to any port 80 proto tcp
2080 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2081 do_cmd "0" deny from 10.0.0.0/8 to 192.168.0.1 port 25 proto tcp
2082 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2083-do_cmd "0" limit 22/tcp
2084+do_cmd "0" limit 13/tcp
2085 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2086 do_cmd "0" deny 53
2087 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2088@@ -97,7 +97,7 @@ grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2089
2090 do_cmd "0" delete allow 25/tcp
2091 do_cmd "0" delete deny from 10.0.0.0/8 to 192.168.0.1 port 25 proto tcp
2092-do_cmd "0" delete limit 22/tcp
2093+do_cmd "0" delete limit 13/tcp
2094 do_cmd "0" delete deny 53
2095 do_cmd "0" delete allow 80/tcp
2096 do_cmd "0" delete allow from 10.0.0.0/8
2097@@ -160,19 +160,19 @@ grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2098 do_cmd "0" delete allow tftp/udp
2099 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2100
2101-do_cmd "0" allow ssh
2102+do_cmd "0" allow daytime
2103 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2104-do_cmd "0" delete allow ssh
2105+do_cmd "0" delete allow daytime
2106 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2107
2108-do_cmd "0" allow ssh/tcp
2109+do_cmd "0" allow daytime/tcp
2110 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2111-do_cmd "0" delete allow ssh/tcp
2112+do_cmd "0" delete allow daytime/tcp
2113 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2114
2115-do_cmd "0" allow ssh/udp
2116+do_cmd "0" allow daytime/udp
2117 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2118-do_cmd "0" delete allow ssh/udp
2119+do_cmd "0" delete allow daytime/udp
2120 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2121
2122
2123@@ -250,13 +250,13 @@ do_cmd "0" allow to any port smtp from any port smtp
2124 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2125 do_cmd "0" delete allow to any port smtp from any port smtp
2126 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2127-do_cmd "0" allow to any port smtp from any port ssh
2128+do_cmd "0" allow to any port smtp from any port daytime
2129 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2130-do_cmd "0" delete allow to any port smtp from any port ssh
2131+do_cmd "0" delete allow to any port smtp from any port daytime
2132 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2133-do_cmd "0" allow to any port ssh from any port smtp
2134+do_cmd "0" allow to any port daytime from any port smtp
2135 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2136-do_cmd "0" delete allow to any port ssh from any port smtp
2137+do_cmd "0" delete allow to any port daytime from any port smtp
2138 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2139 do_cmd "0" allow to any port smtp from any port 23
2140 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2141@@ -270,13 +270,13 @@ do_cmd "0" allow to any port tftp from any port tftp
2142 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2143 do_cmd "0" delete allow to any port tftp from any port tftp
2144 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2145-do_cmd "0" allow to any port tftp from any port ssh
2146+do_cmd "0" allow to any port tftp from any port daytime
2147 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2148-do_cmd "0" delete allow to any port tftp from any port ssh
2149+do_cmd "0" delete allow to any port tftp from any port daytime
2150 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2151-do_cmd "0" allow to any port ssh from any port tftp
2152+do_cmd "0" allow to any port daytime from any port tftp
2153 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2154-do_cmd "0" delete allow to any port ssh from any port tftp
2155+do_cmd "0" delete allow to any port daytime from any port tftp
2156 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2157 do_cmd "0" allow to any port tftp from any port 23
2158 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2159@@ -286,30 +286,30 @@ do_cmd "0" allow to any port 23 from any port tftp
2160 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2161 do_cmd "0" delete allow to any port 23 from any port tftp
2162 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2163-do_cmd "0" allow to any port ssh from any port 23
2164+do_cmd "0" allow to any port daytime from any port 23
2165 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2166-do_cmd "0" delete allow to any port ssh from any port 23
2167+do_cmd "0" delete allow to any port daytime from any port 23
2168 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2169-do_cmd "0" allow to any port 23 from any port ssh
2170+do_cmd "0" allow to any port 23 from any port daytime
2171 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2172-do_cmd "0" delete allow to any port 23 from any port ssh
2173+do_cmd "0" delete allow to any port 23 from any port daytime
2174 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2175-do_cmd "0" allow to any port ssh from any port domain
2176+do_cmd "0" allow to any port daytime from any port domain
2177 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2178-do_cmd "0" delete allow to any port ssh from any port domain
2179+do_cmd "0" delete allow to any port daytime from any port domain
2180 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2181
2182 do_cmd "0" allow to any port smtp from any port smtp proto tcp
2183 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2184 do_cmd "0" delete allow to any port smtp from any port smtp proto tcp
2185 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2186-do_cmd "0" allow to any port smtp from any port ssh proto tcp
2187+do_cmd "0" allow to any port smtp from any port daytime proto tcp
2188 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2189-do_cmd "0" delete allow to any port smtp from any port ssh proto tcp
2190+do_cmd "0" delete allow to any port smtp from any port daytime proto tcp
2191 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2192-do_cmd "0" allow to any port ssh from any port smtp proto tcp
2193+do_cmd "0" allow to any port daytime from any port smtp proto tcp
2194 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2195-do_cmd "0" delete allow to any port ssh from any port smtp proto tcp
2196+do_cmd "0" delete allow to any port daytime from any port smtp proto tcp
2197 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2198 do_cmd "0" allow to any port smtp from any port 23 proto tcp
2199 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2200@@ -323,13 +323,13 @@ do_cmd "0" allow to any port tftp from any port tftp proto udp
2201 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2202 do_cmd "0" delete allow to any port tftp from any port tftp proto udp
2203 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2204-do_cmd "0" allow to any port tftp from any port ssh proto udp
2205+do_cmd "0" allow to any port tftp from any port daytime proto udp
2206 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2207-do_cmd "0" delete allow to any port tftp from any port ssh proto udp
2208+do_cmd "0" delete allow to any port tftp from any port daytime proto udp
2209 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2210-do_cmd "0" allow to any port ssh from any port tftp proto udp
2211+do_cmd "0" allow to any port daytime from any port tftp proto udp
2212 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2213-do_cmd "0" delete allow to any port ssh from any port tftp proto udp
2214+do_cmd "0" delete allow to any port daytime from any port tftp proto udp
2215 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2216 do_cmd "0" allow to any port tftp from any port 23 proto udp
2217 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2218@@ -339,29 +339,29 @@ do_cmd "0" allow to any port 23 from any port tftp proto udp
2219 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2220 do_cmd "0" delete allow to any port 23 from any port tftp proto udp
2221 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2222-do_cmd "0" allow to any port ssh from any port 23 proto tcp
2223+do_cmd "0" allow to any port daytime from any port 23 proto tcp
2224 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2225-do_cmd "0" delete allow to any port ssh from any port 23 proto tcp
2226+do_cmd "0" delete allow to any port daytime from any port 23 proto tcp
2227 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2228-do_cmd "0" allow to any port 23 from any port ssh proto tcp
2229+do_cmd "0" allow to any port 23 from any port daytime proto tcp
2230 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2231-do_cmd "0" delete allow to any port 23 from any port ssh proto tcp
2232+do_cmd "0" delete allow to any port 23 from any port daytime proto tcp
2233 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2234-do_cmd "0" allow to any port ssh from any port domain proto tcp
2235+do_cmd "0" allow to any port daytime from any port domain proto tcp
2236 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2237-do_cmd "0" delete allow to any port ssh from any port domain proto tcp
2238+do_cmd "0" delete allow to any port daytime from any port domain proto tcp
2239 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2240-do_cmd "0" allow to any port ssh from any port 23 proto udp
2241+do_cmd "0" allow to any port daytime from any port 23 proto udp
2242 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2243-do_cmd "0" delete allow to any port ssh from any port 23 proto udp
2244+do_cmd "0" delete allow to any port daytime from any port 23 proto udp
2245 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2246-do_cmd "0" allow to any port 23 from any port ssh proto udp
2247+do_cmd "0" allow to any port 23 from any port daytime proto udp
2248 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2249-do_cmd "0" delete allow to any port 23 from any port ssh proto udp
2250+do_cmd "0" delete allow to any port 23 from any port daytime proto udp
2251 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2252-do_cmd "0" allow to any port ssh from any port domain proto udp
2253+do_cmd "0" allow to any port daytime from any port domain proto udp
2254 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2255-do_cmd "0" delete allow to any port ssh from any port domain proto udp
2256+do_cmd "0" delete allow to any port daytime from any port domain proto udp
2257 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2258
2259 echo "TESTING NETMASK" >> $TESTTMP/result
2260@@ -413,17 +413,17 @@ do_cmd "0" allow to 192.168.0.1 port 80:83 proto tcp
2261 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2262 do_cmd "0" delete allow to 192.168.0.1 port 80:83 proto tcp
2263 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2264-do_cmd "0" allow to 192.168.0.1 port 80:83,22 proto tcp
2265+do_cmd "0" allow to 192.168.0.1 port 80:83,13 proto tcp
2266 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2267-do_cmd "0" delete allow to 192.168.0.1 port 80:83,22 proto tcp
2268+do_cmd "0" delete allow to 192.168.0.1 port 80:83,13 proto tcp
2269 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2270-do_cmd "0" allow from 192.168.0.1 port 35:39 to 192.168.0.2 port 22 proto tcp
2271+do_cmd "0" allow from 192.168.0.1 port 35:39 to 192.168.0.2 port 13 proto tcp
2272 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2273-do_cmd "0" delete allow from 192.168.0.1 port 35:39 to 192.168.0.2 port 22 proto tcp
2274+do_cmd "0" delete allow from 192.168.0.1 port 35:39 to 192.168.0.2 port 13 proto tcp
2275 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2276-do_cmd "0" allow to any port 23,21,15:19,22 from any port 24:26 proto udp
2277+do_cmd "0" allow to any port 23,21,15:19,13 from any port 24:26 proto udp
2278 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2279-do_cmd "0" delete allow to any port 23,21,15:19,22 from any port 24:26 proto udp
2280+do_cmd "0" delete allow to any port 23,21,15:19,13 from any port 24:26 proto udp
2281 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2282 do_cmd "0" allow 34,35/tcp
2283 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2284@@ -437,9 +437,9 @@ do_cmd "0" deny 35:39/udp
2285 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2286 do_cmd "0" delete deny 35:39/udp
2287 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2288-do_cmd "0" deny 23,21,15:19,22/udp
2289+do_cmd "0" deny 23,21,15:19,13/udp
2290 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2291-do_cmd "0" delete deny 23,21,15:19,22/udp
2292+do_cmd "0" delete deny 23,21,15:19,13/udp
2293 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2294
2295 cleanup
2296diff --git a/tests/root/valid6/result b/tests/root/valid6/result
2297index 74fcd86..f568a2f 100644
2298--- a/tests/root/valid6/result
2299+++ b/tests/root/valid6/result
2300@@ -1049,31 +1049,31 @@ Rules updated
2301 Rules updated (v6)
2302
2303
2304-164: allow to any port smtp from any port ssh
2305+164: allow to any port smtp from any port daytime
2306 WARN: Checks disabled
2307 Rules updated
2308 Rules updated (v6)
2309
2310
2311-### tuple ### allow tcp 25 ::/0 22 ::/0 in
2312--A ufw6-user-input -p tcp --dport 25 --sport 22 -j ACCEPT
2313+### tuple ### allow tcp 25 ::/0 13 ::/0 in
2314+-A ufw6-user-input -p tcp --dport 25 --sport 13 -j ACCEPT
2315
2316-165: delete allow to any port smtp from any port ssh
2317+165: delete allow to any port smtp from any port daytime
2318 WARN: Checks disabled
2319 Rules updated
2320 Rules updated (v6)
2321
2322
2323-166: allow to any port ssh from any port smtp
2324+166: allow to any port daytime from any port smtp
2325 WARN: Checks disabled
2326 Rules updated
2327 Rules updated (v6)
2328
2329
2330-### tuple ### allow tcp 22 ::/0 25 ::/0 in
2331--A ufw6-user-input -p tcp --dport 22 --sport 25 -j ACCEPT
2332+### tuple ### allow tcp 13 ::/0 25 ::/0 in
2333+-A ufw6-user-input -p tcp --dport 13 --sport 25 -j ACCEPT
2334
2335-167: delete allow to any port ssh from any port smtp
2336+167: delete allow to any port daytime from any port smtp
2337 WARN: Checks disabled
2338 Rules updated
2339 Rules updated (v6)
2340@@ -1124,31 +1124,31 @@ Rules updated
2341 Rules updated (v6)
2342
2343
2344-174: allow to any port tftp from any port ssh
2345+174: allow to any port tftp from any port daytime
2346 WARN: Checks disabled
2347 Rules updated
2348 Rules updated (v6)
2349
2350
2351-### tuple ### allow udp 69 ::/0 22 ::/0 in
2352--A ufw6-user-input -p udp --dport 69 --sport 22 -j ACCEPT
2353+### tuple ### allow udp 69 ::/0 13 ::/0 in
2354+-A ufw6-user-input -p udp --dport 69 --sport 13 -j ACCEPT
2355
2356-175: delete allow to any port tftp from any port ssh
2357+175: delete allow to any port tftp from any port daytime
2358 WARN: Checks disabled
2359 Rules updated
2360 Rules updated (v6)
2361
2362
2363-176: allow to any port ssh from any port tftp
2364+176: allow to any port daytime from any port tftp
2365 WARN: Checks disabled
2366 Rules updated
2367 Rules updated (v6)
2368
2369
2370-### tuple ### allow udp 22 ::/0 69 ::/0 in
2371--A ufw6-user-input -p udp --dport 22 --sport 69 -j ACCEPT
2372+### tuple ### allow udp 13 ::/0 69 ::/0 in
2373+-A ufw6-user-input -p udp --dport 13 --sport 69 -j ACCEPT
2374
2375-177: delete allow to any port ssh from any port tftp
2376+177: delete allow to any port daytime from any port tftp
2377 WARN: Checks disabled
2378 Rules updated
2379 Rules updated (v6)
2380@@ -1184,46 +1184,46 @@ Rules updated
2381 Rules updated (v6)
2382
2383
2384-182: allow to any port ssh from any port 23
2385+182: allow to any port daytime from any port 23
2386 WARN: Checks disabled
2387 Rules updated
2388 Rules updated (v6)
2389
2390
2391-### tuple ### allow any 22 ::/0 23 ::/0 in
2392--A ufw6-user-input -p tcp --dport 22 --sport 23 -j ACCEPT
2393--A ufw6-user-input -p udp --dport 22 --sport 23 -j ACCEPT
2394-183: delete allow to any port ssh from any port 23
2395+### tuple ### allow any 13 ::/0 23 ::/0 in
2396+-A ufw6-user-input -p tcp --dport 13 --sport 23 -j ACCEPT
2397+-A ufw6-user-input -p udp --dport 13 --sport 23 -j ACCEPT
2398+183: delete allow to any port daytime from any port 23
2399 WARN: Checks disabled
2400 Rules updated
2401 Rules updated (v6)
2402
2403
2404-184: allow to any port 23 from any port ssh
2405+184: allow to any port 23 from any port daytime
2406 WARN: Checks disabled
2407 Rules updated
2408 Rules updated (v6)
2409
2410
2411-### tuple ### allow any 23 ::/0 22 ::/0 in
2412--A ufw6-user-input -p tcp --dport 23 --sport 22 -j ACCEPT
2413--A ufw6-user-input -p udp --dport 23 --sport 22 -j ACCEPT
2414-185: delete allow to any port 23 from any port ssh
2415+### tuple ### allow any 23 ::/0 13 ::/0 in
2416+-A ufw6-user-input -p tcp --dport 23 --sport 13 -j ACCEPT
2417+-A ufw6-user-input -p udp --dport 23 --sport 13 -j ACCEPT
2418+185: delete allow to any port 23 from any port daytime
2419 WARN: Checks disabled
2420 Rules updated
2421 Rules updated (v6)
2422
2423
2424-186: allow to any port ssh from any port domain
2425+186: allow to any port daytime from any port domain
2426 WARN: Checks disabled
2427 Rules updated
2428 Rules updated (v6)
2429
2430
2431-### tuple ### allow any 22 ::/0 53 ::/0 in
2432--A ufw6-user-input -p tcp --dport 22 --sport 53 -j ACCEPT
2433--A ufw6-user-input -p udp --dport 22 --sport 53 -j ACCEPT
2434-187: delete allow to any port ssh from any port domain
2435+### tuple ### allow any 13 ::/0 53 ::/0 in
2436+-A ufw6-user-input -p tcp --dport 13 --sport 53 -j ACCEPT
2437+-A ufw6-user-input -p udp --dport 13 --sport 53 -j ACCEPT
2438+187: delete allow to any port daytime from any port domain
2439 WARN: Checks disabled
2440 Rules updated
2441 Rules updated (v6)
2442@@ -1244,31 +1244,31 @@ Rules updated
2443 Rules updated (v6)
2444
2445
2446-190: allow to any port smtp from any port ssh proto tcp
2447+190: allow to any port smtp from any port daytime proto tcp
2448 WARN: Checks disabled
2449 Rules updated
2450 Rules updated (v6)
2451
2452
2453-### tuple ### allow tcp 25 ::/0 22 ::/0 in
2454--A ufw6-user-input -p tcp --dport 25 --sport 22 -j ACCEPT
2455+### tuple ### allow tcp 25 ::/0 13 ::/0 in
2456+-A ufw6-user-input -p tcp --dport 25 --sport 13 -j ACCEPT
2457
2458-191: delete allow to any port smtp from any port ssh proto tcp
2459+191: delete allow to any port smtp from any port daytime proto tcp
2460 WARN: Checks disabled
2461 Rules updated
2462 Rules updated (v6)
2463
2464
2465-192: allow to any port ssh from any port smtp proto tcp
2466+192: allow to any port daytime from any port smtp proto tcp
2467 WARN: Checks disabled
2468 Rules updated
2469 Rules updated (v6)
2470
2471
2472-### tuple ### allow tcp 22 ::/0 25 ::/0 in
2473--A ufw6-user-input -p tcp --dport 22 --sport 25 -j ACCEPT
2474+### tuple ### allow tcp 13 ::/0 25 ::/0 in
2475+-A ufw6-user-input -p tcp --dport 13 --sport 25 -j ACCEPT
2476
2477-193: delete allow to any port ssh from any port smtp proto tcp
2478+193: delete allow to any port daytime from any port smtp proto tcp
2479 WARN: Checks disabled
2480 Rules updated
2481 Rules updated (v6)
2482@@ -1319,31 +1319,31 @@ Rules updated
2483 Rules updated (v6)
2484
2485
2486-200: allow to any port tftp from any port ssh proto udp
2487+200: allow to any port tftp from any port daytime proto udp
2488 WARN: Checks disabled
2489 Rules updated
2490 Rules updated (v6)
2491
2492
2493-### tuple ### allow udp 69 ::/0 22 ::/0 in
2494--A ufw6-user-input -p udp --dport 69 --sport 22 -j ACCEPT
2495+### tuple ### allow udp 69 ::/0 13 ::/0 in
2496+-A ufw6-user-input -p udp --dport 69 --sport 13 -j ACCEPT
2497
2498-201: delete allow to any port tftp from any port ssh proto udp
2499+201: delete allow to any port tftp from any port daytime proto udp
2500 WARN: Checks disabled
2501 Rules updated
2502 Rules updated (v6)
2503
2504
2505-202: allow to any port ssh from any port tftp proto udp
2506+202: allow to any port daytime from any port tftp proto udp
2507 WARN: Checks disabled
2508 Rules updated
2509 Rules updated (v6)
2510
2511
2512-### tuple ### allow udp 22 ::/0 69 ::/0 in
2513--A ufw6-user-input -p udp --dport 22 --sport 69 -j ACCEPT
2514+### tuple ### allow udp 13 ::/0 69 ::/0 in
2515+-A ufw6-user-input -p udp --dport 13 --sport 69 -j ACCEPT
2516
2517-203: delete allow to any port ssh from any port tftp proto udp
2518+203: delete allow to any port daytime from any port tftp proto udp
2519 WARN: Checks disabled
2520 Rules updated
2521 Rules updated (v6)
2522@@ -1379,91 +1379,91 @@ Rules updated
2523 Rules updated (v6)
2524
2525
2526-208: allow to any port ssh from any port 23 proto tcp
2527+208: allow to any port daytime from any port 23 proto tcp
2528 WARN: Checks disabled
2529 Rules updated
2530 Rules updated (v6)
2531
2532
2533-### tuple ### allow tcp 22 ::/0 23 ::/0 in
2534--A ufw6-user-input -p tcp --dport 22 --sport 23 -j ACCEPT
2535+### tuple ### allow tcp 13 ::/0 23 ::/0 in
2536+-A ufw6-user-input -p tcp --dport 13 --sport 23 -j ACCEPT
2537
2538-209: delete allow to any port ssh from any port 23 proto tcp
2539+209: delete allow to any port daytime from any port 23 proto tcp
2540 WARN: Checks disabled
2541 Rules updated
2542 Rules updated (v6)
2543
2544
2545-210: allow to any port 23 from any port ssh proto tcp
2546+210: allow to any port 23 from any port daytime proto tcp
2547 WARN: Checks disabled
2548 Rules updated
2549 Rules updated (v6)
2550
2551
2552-### tuple ### allow tcp 23 ::/0 22 ::/0 in
2553--A ufw6-user-input -p tcp --dport 23 --sport 22 -j ACCEPT
2554+### tuple ### allow tcp 23 ::/0 13 ::/0 in
2555+-A ufw6-user-input -p tcp --dport 23 --sport 13 -j ACCEPT
2556
2557-211: delete allow to any port 23 from any port ssh proto tcp
2558+211: delete allow to any port 23 from any port daytime proto tcp
2559 WARN: Checks disabled
2560 Rules updated
2561 Rules updated (v6)
2562
2563
2564-212: allow to any port ssh from any port domain proto tcp
2565+212: allow to any port daytime from any port domain proto tcp
2566 WARN: Checks disabled
2567 Rules updated
2568 Rules updated (v6)
2569
2570
2571-### tuple ### allow tcp 22 ::/0 53 ::/0 in
2572--A ufw6-user-input -p tcp --dport 22 --sport 53 -j ACCEPT
2573+### tuple ### allow tcp 13 ::/0 53 ::/0 in
2574+-A ufw6-user-input -p tcp --dport 13 --sport 53 -j ACCEPT
2575
2576-213: delete allow to any port ssh from any port domain proto tcp
2577+213: delete allow to any port daytime from any port domain proto tcp
2578 WARN: Checks disabled
2579 Rules updated
2580 Rules updated (v6)
2581
2582
2583-214: allow to any port ssh from any port 23 proto udp
2584+214: allow to any port daytime from any port 23 proto udp
2585 WARN: Checks disabled
2586 Rules updated
2587 Rules updated (v6)
2588
2589
2590-### tuple ### allow udp 22 ::/0 23 ::/0 in
2591--A ufw6-user-input -p udp --dport 22 --sport 23 -j ACCEPT
2592+### tuple ### allow udp 13 ::/0 23 ::/0 in
2593+-A ufw6-user-input -p udp --dport 13 --sport 23 -j ACCEPT
2594
2595-215: delete allow to any port ssh from any port 23 proto udp
2596+215: delete allow to any port daytime from any port 23 proto udp
2597 WARN: Checks disabled
2598 Rules updated
2599 Rules updated (v6)
2600
2601
2602-216: allow to any port 23 from any port ssh proto udp
2603+216: allow to any port 23 from any port daytime proto udp
2604 WARN: Checks disabled
2605 Rules updated
2606 Rules updated (v6)
2607
2608
2609-### tuple ### allow udp 23 ::/0 22 ::/0 in
2610--A ufw6-user-input -p udp --dport 23 --sport 22 -j ACCEPT
2611+### tuple ### allow udp 23 ::/0 13 ::/0 in
2612+-A ufw6-user-input -p udp --dport 23 --sport 13 -j ACCEPT
2613
2614-217: delete allow to any port 23 from any port ssh proto udp
2615+217: delete allow to any port 23 from any port daytime proto udp
2616 WARN: Checks disabled
2617 Rules updated
2618 Rules updated (v6)
2619
2620
2621-218: allow to any port ssh from any port domain proto udp
2622+218: allow to any port daytime from any port domain proto udp
2623 WARN: Checks disabled
2624 Rules updated
2625 Rules updated (v6)
2626
2627
2628-### tuple ### allow udp 22 ::/0 53 ::/0 in
2629--A ufw6-user-input -p udp --dport 22 --sport 53 -j ACCEPT
2630+### tuple ### allow udp 13 ::/0 53 ::/0 in
2631+-A ufw6-user-input -p udp --dport 13 --sport 53 -j ACCEPT
2632
2633-219: delete allow to any port ssh from any port domain proto udp
2634+219: delete allow to any port daytime from any port domain proto udp
2635 WARN: Checks disabled
2636 Rules updated
2637 Rules updated (v6)
2638@@ -1575,63 +1575,63 @@ WARN: Checks disabled
2639 Rules updated (v6)
2640
2641
2642-236: allow to 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 80:83,22 proto tcp
2643+236: allow to 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 80:83,13 proto tcp
2644 WARN: Checks disabled
2645 Rules updated (v6)
2646
2647
2648-### tuple ### allow tcp 22,80:83 2001:db8:85a3:8d3:1319:8a2e:370:7341 any ::/0 in
2649--A ufw6-user-input -p tcp -m multiport --dports 22,80:83 -d 2001:db8:85a3:8d3:1319:8a2e:370:7341 -j ACCEPT
2650+### tuple ### allow tcp 13,80:83 2001:db8:85a3:8d3:1319:8a2e:370:7341 any ::/0 in
2651+-A ufw6-user-input -p tcp -m multiport --dports 13,80:83 -d 2001:db8:85a3:8d3:1319:8a2e:370:7341 -j ACCEPT
2652
2653-237: delete allow to 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 80:83,22 proto tcp
2654+237: delete allow to 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 80:83,13 proto tcp
2655 WARN: Checks disabled
2656 Rules updated (v6)
2657
2658
2659-238: allow from 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 35:39 to 2001:db8:85a3:8d3:1319:8a2e:370:7342 port 22 proto tcp
2660+238: allow from 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 35:39 to 2001:db8:85a3:8d3:1319:8a2e:370:7342 port 13 proto tcp
2661 WARN: Checks disabled
2662 Rules updated (v6)
2663
2664
2665-### tuple ### allow tcp 22 2001:db8:85a3:8d3:1319:8a2e:370:7342 35:39 2001:db8:85a3:8d3:1319:8a2e:370:7341 in
2666--A ufw6-user-input -p tcp -m multiport --dports 22 -m multiport --sports 35:39 -d 2001:db8:85a3:8d3:1319:8a2e:370:7342 -s 2001:db8:85a3:8d3:1319:8a2e:370:7341 -j ACCEPT
2667+### tuple ### allow tcp 13 2001:db8:85a3:8d3:1319:8a2e:370:7342 35:39 2001:db8:85a3:8d3:1319:8a2e:370:7341 in
2668+-A ufw6-user-input -p tcp -m multiport --dports 13 -m multiport --sports 35:39 -d 2001:db8:85a3:8d3:1319:8a2e:370:7342 -s 2001:db8:85a3:8d3:1319:8a2e:370:7341 -j ACCEPT
2669
2670-239: delete allow from 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 35:39 to 2001:db8:85a3:8d3:1319:8a2e:370:7342 port 22 proto tcp
2671+239: delete allow from 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 35:39 to 2001:db8:85a3:8d3:1319:8a2e:370:7342 port 13 proto tcp
2672 WARN: Checks disabled
2673 Rules updated (v6)
2674
2675
2676-240: allow to any port 23,21,15:19,22 from any port 24:26 proto udp
2677+240: allow to any port 23,21,15:19,13 from any port 24:26 proto udp
2678 WARN: Checks disabled
2679 Rules updated
2680 Rules updated (v6)
2681
2682
2683-### tuple ### allow udp 15:19,21,22,23 0.0.0.0/0 24:26 0.0.0.0/0 in
2684--A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -m multiport --sports 24:26 -j ACCEPT
2685+### tuple ### allow udp 13,15:19,21,23 0.0.0.0/0 24:26 0.0.0.0/0 in
2686+-A ufw-user-input -p udp -m multiport --dports 13,15:19,21,23 -m multiport --sports 24:26 -j ACCEPT
2687
2688-### tuple ### allow udp 15:19,21,22,23 ::/0 24:26 ::/0 in
2689--A ufw6-user-input -p udp -m multiport --dports 15:19,21,22,23 -m multiport --sports 24:26 -j ACCEPT
2690+### tuple ### allow udp 13,15:19,21,23 ::/0 24:26 ::/0 in
2691+-A ufw6-user-input -p udp -m multiport --dports 13,15:19,21,23 -m multiport --sports 24:26 -j ACCEPT
2692
2693-241: delete allow to any port 23,21,15:19,22 from any port 24:26 proto udp
2694+241: delete allow to any port 23,21,15:19,13 from any port 24:26 proto udp
2695 WARN: Checks disabled
2696 Rules updated
2697 Rules updated (v6)
2698
2699
2700-242: allow 23,21,15:19,22/udp
2701+242: allow 23,21,15:19,13/udp
2702 WARN: Checks disabled
2703 Rules updated
2704 Rules updated (v6)
2705
2706
2707-### tuple ### allow udp 15:19,21,22,23 0.0.0.0/0 any 0.0.0.0/0 in
2708--A ufw-user-input -p udp -m multiport --dports 15:19,21,22,23 -j ACCEPT
2709+### tuple ### allow udp 13,15:19,21,23 0.0.0.0/0 any 0.0.0.0/0 in
2710+-A ufw-user-input -p udp -m multiport --dports 13,15:19,21,23 -j ACCEPT
2711
2712-### tuple ### allow udp 15:19,21,22,23 ::/0 any ::/0 in
2713--A ufw6-user-input -p udp -m multiport --dports 15:19,21,22,23 -j ACCEPT
2714+### tuple ### allow udp 13,15:19,21,23 ::/0 any ::/0 in
2715+-A ufw6-user-input -p udp -m multiport --dports 13,15:19,21,23 -j ACCEPT
2716
2717-243: delete allow 23,21,15:19,22/udp
2718+243: delete allow 23,21,15:19,13/udp
2719 WARN: Checks disabled
2720 Rules updated
2721 Rules updated (v6)
2722diff --git a/tests/root/valid6/runtest.sh b/tests/root/valid6/runtest.sh
2723index 1695dd1..d08e6f3 100755
2724--- a/tests/root/valid6/runtest.sh
2725+++ b/tests/root/valid6/runtest.sh
2726@@ -154,13 +154,13 @@ do_cmd "0" allow to any port smtp from any port smtp
2727 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2728 do_cmd "0" delete allow to any port smtp from any port smtp
2729 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2730-do_cmd "0" allow to any port smtp from any port ssh
2731+do_cmd "0" allow to any port smtp from any port daytime
2732 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2733-do_cmd "0" delete allow to any port smtp from any port ssh
2734+do_cmd "0" delete allow to any port smtp from any port daytime
2735 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2736-do_cmd "0" allow to any port ssh from any port smtp
2737+do_cmd "0" allow to any port daytime from any port smtp
2738 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2739-do_cmd "0" delete allow to any port ssh from any port smtp
2740+do_cmd "0" delete allow to any port daytime from any port smtp
2741 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2742 do_cmd "0" allow to any port smtp from any port 23
2743 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2744@@ -174,13 +174,13 @@ do_cmd "0" allow to any port tftp from any port tftp
2745 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2746 do_cmd "0" delete allow to any port tftp from any port tftp
2747 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2748-do_cmd "0" allow to any port tftp from any port ssh
2749+do_cmd "0" allow to any port tftp from any port daytime
2750 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2751-do_cmd "0" delete allow to any port tftp from any port ssh
2752+do_cmd "0" delete allow to any port tftp from any port daytime
2753 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2754-do_cmd "0" allow to any port ssh from any port tftp
2755+do_cmd "0" allow to any port daytime from any port tftp
2756 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2757-do_cmd "0" delete allow to any port ssh from any port tftp
2758+do_cmd "0" delete allow to any port daytime from any port tftp
2759 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2760 do_cmd "0" allow to any port tftp from any port 23
2761 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2762@@ -190,30 +190,30 @@ do_cmd "0" allow to any port 23 from any port tftp
2763 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2764 do_cmd "0" delete allow to any port 23 from any port tftp
2765 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2766-do_cmd "0" allow to any port ssh from any port 23
2767+do_cmd "0" allow to any port daytime from any port 23
2768 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2769-do_cmd "0" delete allow to any port ssh from any port 23
2770+do_cmd "0" delete allow to any port daytime from any port 23
2771 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2772-do_cmd "0" allow to any port 23 from any port ssh
2773+do_cmd "0" allow to any port 23 from any port daytime
2774 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2775-do_cmd "0" delete allow to any port 23 from any port ssh
2776+do_cmd "0" delete allow to any port 23 from any port daytime
2777 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2778-do_cmd "0" allow to any port ssh from any port domain
2779+do_cmd "0" allow to any port daytime from any port domain
2780 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2781-do_cmd "0" delete allow to any port ssh from any port domain
2782+do_cmd "0" delete allow to any port daytime from any port domain
2783 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2784
2785 do_cmd "0" allow to any port smtp from any port smtp proto tcp
2786 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2787 do_cmd "0" delete allow to any port smtp from any port smtp proto tcp
2788 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2789-do_cmd "0" allow to any port smtp from any port ssh proto tcp
2790+do_cmd "0" allow to any port smtp from any port daytime proto tcp
2791 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2792-do_cmd "0" delete allow to any port smtp from any port ssh proto tcp
2793+do_cmd "0" delete allow to any port smtp from any port daytime proto tcp
2794 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2795-do_cmd "0" allow to any port ssh from any port smtp proto tcp
2796+do_cmd "0" allow to any port daytime from any port smtp proto tcp
2797 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2798-do_cmd "0" delete allow to any port ssh from any port smtp proto tcp
2799+do_cmd "0" delete allow to any port daytime from any port smtp proto tcp
2800 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2801 do_cmd "0" allow to any port smtp from any port 23 proto tcp
2802 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2803@@ -227,13 +227,13 @@ do_cmd "0" allow to any port tftp from any port tftp proto udp
2804 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2805 do_cmd "0" delete allow to any port tftp from any port tftp proto udp
2806 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2807-do_cmd "0" allow to any port tftp from any port ssh proto udp
2808+do_cmd "0" allow to any port tftp from any port daytime proto udp
2809 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2810-do_cmd "0" delete allow to any port tftp from any port ssh proto udp
2811+do_cmd "0" delete allow to any port tftp from any port daytime proto udp
2812 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2813-do_cmd "0" allow to any port ssh from any port tftp proto udp
2814+do_cmd "0" allow to any port daytime from any port tftp proto udp
2815 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2816-do_cmd "0" delete allow to any port ssh from any port tftp proto udp
2817+do_cmd "0" delete allow to any port daytime from any port tftp proto udp
2818 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2819 do_cmd "0" allow to any port tftp from any port 23 proto udp
2820 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2821@@ -243,29 +243,29 @@ do_cmd "0" allow to any port 23 from any port tftp proto udp
2822 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2823 do_cmd "0" delete allow to any port 23 from any port tftp proto udp
2824 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2825-do_cmd "0" allow to any port ssh from any port 23 proto tcp
2826+do_cmd "0" allow to any port daytime from any port 23 proto tcp
2827 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2828-do_cmd "0" delete allow to any port ssh from any port 23 proto tcp
2829+do_cmd "0" delete allow to any port daytime from any port 23 proto tcp
2830 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2831-do_cmd "0" allow to any port 23 from any port ssh proto tcp
2832+do_cmd "0" allow to any port 23 from any port daytime proto tcp
2833 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2834-do_cmd "0" delete allow to any port 23 from any port ssh proto tcp
2835+do_cmd "0" delete allow to any port 23 from any port daytime proto tcp
2836 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2837-do_cmd "0" allow to any port ssh from any port domain proto tcp
2838+do_cmd "0" allow to any port daytime from any port domain proto tcp
2839 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2840-do_cmd "0" delete allow to any port ssh from any port domain proto tcp
2841+do_cmd "0" delete allow to any port daytime from any port domain proto tcp
2842 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2843-do_cmd "0" allow to any port ssh from any port 23 proto udp
2844+do_cmd "0" allow to any port daytime from any port 23 proto udp
2845 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2846-do_cmd "0" delete allow to any port ssh from any port 23 proto udp
2847+do_cmd "0" delete allow to any port daytime from any port 23 proto udp
2848 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2849-do_cmd "0" allow to any port 23 from any port ssh proto udp
2850+do_cmd "0" allow to any port 23 from any port daytime proto udp
2851 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2852-do_cmd "0" delete allow to any port 23 from any port ssh proto udp
2853+do_cmd "0" delete allow to any port 23 from any port daytime proto udp
2854 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2855-do_cmd "0" allow to any port ssh from any port domain proto udp
2856+do_cmd "0" allow to any port daytime from any port domain proto udp
2857 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2858-do_cmd "0" delete allow to any port ssh from any port domain proto udp
2859+do_cmd "0" delete allow to any port daytime from any port domain proto udp
2860 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2861
2862 echo "TESTING NETMASK" >> $TESTTMP/result
2863@@ -303,24 +303,24 @@ do_cmd "0" allow to 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 80:83 proto tcp
2864 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2865 do_cmd "0" delete allow to 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 80:83 proto tcp
2866 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2867-do_cmd "0" allow to 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 80:83,22 proto tcp
2868+do_cmd "0" allow to 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 80:83,13 proto tcp
2869 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2870-do_cmd "0" delete allow to 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 80:83,22 proto tcp
2871+do_cmd "0" delete allow to 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 80:83,13 proto tcp
2872 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2873-do_cmd "0" allow from 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 35:39 to 2001:db8:85a3:8d3:1319:8a2e:370:7342 port 22 proto tcp
2874+do_cmd "0" allow from 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 35:39 to 2001:db8:85a3:8d3:1319:8a2e:370:7342 port 13 proto tcp
2875 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2876-do_cmd "0" delete allow from 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 35:39 to 2001:db8:85a3:8d3:1319:8a2e:370:7342 port 22 proto tcp
2877+do_cmd "0" delete allow from 2001:db8:85a3:8d3:1319:8a2e:370:7341 port 35:39 to 2001:db8:85a3:8d3:1319:8a2e:370:7342 port 13 proto tcp
2878 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2879-do_cmd "0" allow to any port 23,21,15:19,22 from any port 24:26 proto udp
2880+do_cmd "0" allow to any port 23,21,15:19,13 from any port 24:26 proto udp
2881 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2882 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2883-do_cmd "0" delete allow to any port 23,21,15:19,22 from any port 24:26 proto udp
2884+do_cmd "0" delete allow to any port 23,21,15:19,13 from any port 24:26 proto udp
2885 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2886 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2887-do_cmd "0" allow 23,21,15:19,22/udp
2888+do_cmd "0" allow 23,21,15:19,13/udp
2889 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2890 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2891-do_cmd "0" delete allow 23,21,15:19,22/udp
2892+do_cmd "0" delete allow 23,21,15:19,13/udp
2893 grep -A2 "tuple" $TESTSTATE/user.rules >> $TESTTMP/result
2894 grep -A2 "tuple" $TESTSTATE/user6.rules >> $TESTTMP/result
2895
diff --git a/meta-networking/recipes-connectivity/ufw/ufw/0010-empty-out-IPT_MODULES-and-update-documentation.patch b/meta-networking/recipes-connectivity/ufw/ufw/0010-empty-out-IPT_MODULES-and-update-documentation.patch
new file mode 100644
index 000000000..f9c387a45
--- /dev/null
+++ b/meta-networking/recipes-connectivity/ufw/ufw/0010-empty-out-IPT_MODULES-and-update-documentation.patch
@@ -0,0 +1,106 @@
1empty our IPT_MODULES and update documentation
2
3empty out IPT_MODULES and update documentation regarding modern use of
4connection tracking modules.
5
6Patch from git://git.launchpad.net/ufw
7Commit aefb842b73726c245157096fb8992c3e82833147
8
9Written by Jamie Strandboge <jamie@ubuntu.com>
10
11Merged patch so they applied to 0.33 with missing code. Unit tests are not
12in this version.
13
14Upstream-Status: Backport
15Signed-off-by: Jate Sujjavanich <jatedev@gmail.com>
16
17
18diff --git a/conf/ufw.defaults b/conf/ufw.defaults
19index 330ad88..b3eba8f 100644
20--- a/conf/ufw.defaults
21+++ b/conf/ufw.defaults
22@@ -34,12 +34,13 @@ MANAGE_BUILTINS=no
23 # only enable if using iptables backend
24 IPT_SYSCTL=#CONFIG_PREFIX#/ufw/sysctl.conf
25
26-# Extra connection tracking modules to load. Complete list can be found in
27-# net/netfilter/Kconfig of your kernel source. Some common modules:
28+# Extra connection tracking modules to load. IPT_MODULES should typically be
29+# empty for new installations and modules added only as needed. See
30+# 'CONNECTION HELPERS' from 'man ufw-framework' for details. Complete list can
31+# be found in net/netfilter/Kconfig of your kernel source. Some common modules:
32 # nf_conntrack_irc, nf_nat_irc: DCC (Direct Client to Client) support
33 # nf_conntrack_netbios_ns: NetBIOS (samba) client support
34 # nf_conntrack_pptp, nf_nat_pptp: PPTP over stateful firewall/NAT
35 # nf_conntrack_ftp, nf_nat_ftp: active FTP support
36 # nf_conntrack_tftp, nf_nat_tftp: TFTP support (server side)
37-IPT_MODULES="nf_conntrack_ftp nf_nat_ftp nf_conntrack_netbios_ns"
38-
39+IPT_MODULES=""
40
41diff --git a/doc/ufw-framework.8 b/doc/ufw-framework.8
42index eef28e1..97dc8c5 100644
43--- a/doc/ufw-framework.8
44+++ b/doc/ufw-framework.8
45@@ -115,5 +115,10 @@ IPT_MODULES in #CONFIG_PREFIX#/default/ufw. Some popular modules to load are:
46 nf_conntrack_tftp
47 nf_nat_tftp
48+.PP
49+Unconditional loading of connection tracking modules (nf_conntrack_*) in this
50+manner is deprecated. \fBufw\fR continues to support the functionality but new
51+configuration should only contain the specific modules required for the site.
52+For more information, see CONNECTION HELPERS.
53
54 .SH "KERNEL PARAMETERS"
55 .PP
56@@ 240,5 +245,50 @@ Add the necessary \fBufw\fR rules:
57 # ufw allow in on eth1 from 10.0.0.100 to any port 22 proto tcp
58
59+.SH "CONNECTION HELPERS"
60+.PP
61+Various protocols require the use of netfilter connection tracking helpers to
62+group related packets into RELATED flows to make rulesets clearer and more
63+precise. For example, with a couple of kernel modules and a couple of rules, a
64+ruleset could simply allow a connection to FTP port 21, then the kernel would
65+examine the traffic and mark the other FTP data packets as RELATED to the
66+initial connection.
67+.PP
68+When the helpers were first introduced, one could only configure the modules as
69+part of module load (eg, if your FTP server listened on a different port than
70+21, you'd have to load the nf_conntrack_ftp module specifying the correct
71+port). Over time it was understood that unconditionally using connection
72+helpers could lead to abuse, in part because some protocols allow user
73+specified data that would allow traversing the firewall in undesired ways. As
74+of kernel 4.7, automatic conntrack helper assignment (ie, handling packets for
75+a given port and all IP addresses) is disabled (the old behavior can be
76+restored by setting net/netfilter/nf_conntrack_helper=1 in
77+#CONFIG_PREFIX#/ufw/sysctl.conf). Firewalls should now instead use the CT
78+target to associate traffic with a particular helper and then set RELATED rules
79+to use the helper. This allows sites to tailor the use of helpers and help
80+avoid abuse.
81+.PP
82+In general, to use helpers securely, the following needs to happen:
83+.IP 1.
84+net/netfilter/nf_conntrack_helper should be set to 0 (default)
85+.IP 2.
86+create a rule for the start of a connection (eg for FTP, port 21)
87+.IP 3.
88+create a helper rule to associate the helper with this connection
89+.IP 4.
90+create a helper rule to associate a RELATED flow with this connection
91+.IP 5.
92+if needed, add the corresponding nf_conntrack_* module to IPT_MODULES
93+.IP 6.
94+optionally add the corresponding nf_nat_* module to IPT_MODULES
95+.PP
96+In general it is desirable to make connection helper rules as specific as
97+possible and ensure anti\-spoofing is correctly setup for your site to avoid
98+security issues in your ruleset. For more information, see ANTI\-SPOOFING,
99+above, and <https://home.regit.org/netfilter-en/secure-use-of-helpers/>.
100+.PP
101+Currently helper rules must be managed in via the RULES FILES. A future version
102+of \fBufw\fR will introduce syntax for working with helper rules.
103+
104 .SH SEE ALSO
105 .PP
106 \fBufw\fR(8), \fBiptables\fR(8), \fBip6tables\fR(8), \fBiptables\-restore\fR(8), \fBip6tables\-restore\fR(8), \fBsysctl\fR(8), \fBsysctl.conf\fR(5)
diff --git a/meta-networking/recipes-connectivity/ufw/ufw/0011-tests-check-requirements--simplify-and-support-python-3.8.patch b/meta-networking/recipes-connectivity/ufw/ufw/0011-tests-check-requirements--simplify-and-support-python-3.8.patch
new file mode 100644
index 000000000..ea48c83b8
--- /dev/null
+++ b/meta-networking/recipes-connectivity/ufw/ufw/0011-tests-check-requirements--simplify-and-support-python-3.8.patch
@@ -0,0 +1,33 @@
1tests/check-requirements: simplify and support python 3.8
2
3Written by: Jamie Strandboge <jamie@ubuntu.com>
4
5The patch was imported from git://git.launchpad.net/ufw
6commit id e30f8bc2aeb317d152e74a270a8e1336de06cee6
7
8Upstream-Status: Backport
9
10Signed-off-by: Jate Sujjavanich <jatedev@gmail.com>
11
12diff --git a/tests/check-requirements b/tests/check-requirements
13index e873703..82fab08 100755
14--- a/tests/check-requirements
15+++ b/tests/check-requirements
16@@ -45,7 +45,7 @@ runcmd() {
17 # check python
18 found_python="no"
19 echo -n "Has python: "
20-for exe in python2.7 python2.6 python2.5 python3.2 python; do
21+for exe in python3 python2 python; do
22 if ! which $exe >/dev/null 2>&1; then
23 continue
24 fi
25@@ -54,7 +54,7 @@ for exe in python2.7 python2.6 python2.5 python3.2 python; do
26 echo "pass (binary: $exe, version: $v, py2)"
27 found_python="yes"
28 break
29- elif echo "$v" | grep -q "^3.[2]"; then
30+ elif echo "$v" | grep -q "^3.[2-8]"; then
31 echo "pass (binary: $exe, version: $v, py3)"
32 found_python="yes"
33 break
diff --git a/meta-networking/recipes-connectivity/ufw/ufw/Add-code-to-detect-openembedded-python-interpreter.patch b/meta-networking/recipes-connectivity/ufw/ufw/Add-code-to-detect-openembedded-python-interpreter.patch
new file mode 100644
index 000000000..85d51ca21
--- /dev/null
+++ b/meta-networking/recipes-connectivity/ufw/ufw/Add-code-to-detect-openembedded-python-interpreter.patch
@@ -0,0 +1,33 @@
1Add code to detect openembedded python interpreter
2
3OE does not use /usr/bin/env as part of the interpreter, so it does not
4update ufw with the interpreter name.
5
6Upstream-Status: Inappropriate (Embedded)
7Signed-off-by: Jate Sujjavanich <jatedev@gmail.com>
8---
9 setup.py | 8 ++++++++
10 1 file changed, 8 insertions(+)
11
12diff --git a/setup.py b/setup.py
13index 75c1105..3f9a5e0 100644
14--- a/setup.py
15+++ b/setup.py
16@@ -128,6 +128,14 @@ class Install(_install, object):
17 "-i.jjm",
18 "1s%^#.*python.*%#! " + sys.executable + "%g",
19 'staging/ufw'])
20+ elif '-native/python' in sys.executable and \
21+ os.path.basename(sys.executable) in ['python', 'python3']:
22+ print("Detected oe native python " + os.path.basename(sys.executable))
23+ subprocess.call(["sed",
24+ "-i.jjm",
25+ "1s%python$%"
26+ + os.path.basename(sys.executable) + "%g",
27+ 'staging/ufw'])
28
29 self.copy_file('staging/ufw', script)
30 self.copy_file('doc/ufw.8', manpage)
31--
322.7.4
33
diff --git a/meta-networking/recipes-connectivity/ufw/ufw/setup-only-make-one-reference-to-env.patch b/meta-networking/recipes-connectivity/ufw/ufw/setup-only-make-one-reference-to-env.patch
index ff704b5a4..f487a6fd6 100644
--- a/meta-networking/recipes-connectivity/ufw/ufw/setup-only-make-one-reference-to-env.patch
+++ b/meta-networking/recipes-connectivity/ufw/ufw/setup-only-make-one-reference-to-env.patch
@@ -14,6 +14,10 @@ detected or specified on the build line.
14Upstream-Status: Inappropriate [ embedded specific ] 14Upstream-Status: Inappropriate [ embedded specific ]
15 15
16Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com> 16Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
17
18Added conditional to handle sys.executable without env on python3
19
20Signed-off-by Jate Sujjavanich <jatedev@gmail.com>
17--- 21---
18 setup.py | 34 ++++++++++++++++++++++++++++------ 22 setup.py | 34 ++++++++++++++++++++++++++++------
19 1 file changed, 28 insertions(+), 6 deletions(-) 23 1 file changed, 28 insertions(+), 6 deletions(-)
@@ -43,7 +47,7 @@ index b13d11c..73acdef 100644
43 # Now byte-compile everything 47 # Now byte-compile everything
44 super(Install, self).run() 48 super(Install, self).run()
45 49
46@@ -107,12 +112,23 @@ class Install(_install, object): 50@@ -107,12 +112,29 @@ class Install(_install, object):
47 for f in [ script, manpage, manpage_f ]: 51 for f in [ script, manpage, manpage_f ]:
48 self.mkpath(os.path.dirname(f)) 52 self.mkpath(os.path.dirname(f))
49 53
@@ -62,7 +66,13 @@ index b13d11c..73acdef 100644
62- 'staging/ufw']) 66- 'staging/ufw'])
63+ print("Updating staging/ufw to use (%s)" % (sys.executable)) 67+ print("Updating staging/ufw to use (%s)" % (sys.executable))
64+ 68+
65+ if re.search("(/usr/bin/env)", sys.executable): 69+ if not re.search("(/usr/bin/env)", sys.executable):
70+ print("Did not find 'env' in sys.executable (%s)" % (sys.executable))
71+ subprocess.call(["sed",
72+ "-i",
73+ "1s%^#.*python.*%#! /usr/bin/env " + sys.executable + "%g",
74+ 'staging/ufw'])
75+ elif re.search("(/usr/bin/env)", sys.executable):
66+ print("found 'env' in sys.executable (%s)" % (sys.executable)) 76+ print("found 'env' in sys.executable (%s)" % (sys.executable))
67+ subprocess.call(["sed", 77+ subprocess.call(["sed",
68+ "-i.jjm", 78+ "-i.jjm",
diff --git a/meta-networking/recipes-connectivity/ufw/ufw_0.33.bb b/meta-networking/recipes-connectivity/ufw/ufw_0.33.bb
index 42fc26258..856270cd5 100644
--- a/meta-networking/recipes-connectivity/ufw/ufw_0.33.bb
+++ b/meta-networking/recipes-connectivity/ufw/ufw_0.33.bb
@@ -16,6 +16,13 @@ SRC_URI = " \
16 file://0003-fix-typeerror-on-error.patch \ 16 file://0003-fix-typeerror-on-error.patch \
17 file://0004-lp1039729.patch \ 17 file://0004-lp1039729.patch \
18 file://0005-lp1191197.patch \ 18 file://0005-lp1191197.patch \
19 file://0006-check-requirements-get-error.patch \
20 file://0007-use-conntrack-instead-of-state-module.patch \
21 file://0008-support-.-setup.py-build-LP-819600.patch \
22 file://0009-adjust-runtime-tests-to-use-daytime-port.patch \
23 file://0010-empty-out-IPT_MODULES-and-update-documentation.patch \
24 file://0011-tests-check-requirements--simplify-and-support-python-3.8.patch \
25 file://Add-code-to-detect-openembedded-python-interpreter.patch \
19" 26"
20 27
21UPSTREAM_CHECK_URI = "https://launchpad.net/ufw" 28UPSTREAM_CHECK_URI = "https://launchpad.net/ufw"
@@ -25,6 +32,17 @@ SRC_URI[sha256sum] = "5f85a8084ad3539b547bec097286948233188c971f498890316dec170b
25 32
26inherit setuptools3 features_check 33inherit setuptools3 features_check
27 34
35do_install_append() {
36 install -d ${D}${datadir}/${PN}/test
37 cp -R --no-dereference --preserve=mode,links -v ${S}/* ${D}${datadir}/${PN}/test
38}
39PACKAGES =+ "${PN}-test"
40RDEPENDS_${PN}-test += "bash"
41FILES_${PN}-test += "${datadir}/${PN}/test"
42
43# To test, install ufw-test package. You can enter /usr/share/ufw/test and run as root:
44# PYTHONPATH=tests/testarea/lib/python ./run_tests.sh -s -i python3 root
45
28RDEPENDS_${PN} = " \ 46RDEPENDS_${PN} = " \
29 iptables \ 47 iptables \
30 python3 \ 48 python3 \
@@ -33,14 +51,35 @@ RDEPENDS_${PN} = " \
33 51
34RRECOMMENDS_${PN} = " \ 52RRECOMMENDS_${PN} = " \
35 kernel-module-ipv6 \ 53 kernel-module-ipv6 \
36 kernel-module-nf-conntrack-ipv6 \ 54 kernel-module-ipt-reject \
55 kernel-module-iptable-mangle \
56 kernel-module-iptable-raw \
57 kernel-module-ip6table-raw \
58 kernel-module-ip6t-reject \
59 kernel-module-ip6t-rt \
60 kernel-module-ip6table-mangle \
61 kernel-module-nf-conntrack \
37 kernel-module-nf-log-common \ 62 kernel-module-nf-log-common \
63 kernel-module-nf-conntrack-broadcast \
64 kernel-module-nf-conntrack-ftp \
65 kernel-module-nf-conntrack-netbios-ns \
66 kernel-module-nf-log-ipv4 \
67 kernel-module-nf-log-ipv6 \
38 kernel-module-nf-log-ipv4 \ 68 kernel-module-nf-log-ipv4 \
39 kernel-module-nf-log-ipv6 \ 69 kernel-module-nf-log-ipv6 \
40 kernel-module-nf-addrtype \ 70 kernel-module-nf-nat-ftp \
41 kernel-module-nf-limit \ 71 kernel-module-xt-addrtype \
42 kernel-module-nf-log \ 72 kernel-module-xt-comment \
43 kernel-module-nf-recent \ 73 kernel-module-xt-conntrack \
74 kernel-module-xt-hashlimit \
75 kernel-module-xt-hl \
76 kernel-module-xt-multiport \
77 kernel-module-xt-ratetest \
78 kernel-module-xt-socket \
79 kernel-module-xt-tcpudp \
80 kernel-module-xt-limit \
81 kernel-module-xt-log \
82 kernel-module-xt-recent \
44" 83"
45 84
46# Certain items are explicitly put under /lib, not base_libdir when installed. 85# Certain items are explicitly put under /lib, not base_libdir when installed.
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-07 19:12:55 +0000