TechOverflow Logo
TechOverflow

How to fix ufw [UFW BLOCK] message spamming syslog / dmesg

Problem:

In your syslog which you can see using

dmesg

you see a lot of [UFW BLOCK] messages like these:

[600810.355752] [UFW BLOCK] IN=enp0s3 OUT= MAC=02:00:17:02:76:ad:00:00:17:b9:55:d6:08:00 SRC=45.146.164.226 DST=10.0.0.130 LEN=40 TOS=0x00 PREC=0x00 TTL=251 ID=59316 PROTO=TCP SPT=48741 DPT=50713 WINDOW=1024 RES=0x00 SYN URGP=0 
[600831.477953] [UFW BLOCK] IN=enp0s3 OUT= MAC=02:00:17:02:76:ad:00:00:17:b9:55:d6:08:00 SRC=74.118.36.15 DST=10.0.0.130 LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=59050 PROTO=TCP SPT=7527 DPT=23 WINDOW=14663 RES=0x00 SYN URGP=0 
[600853.366152] [UFW BLOCK] IN=enp0s3 OUT= MAC=02:00:17:02:76:ad:00:00:17:b9:55:d6:08:00 SRC=34.77.162.17 DST=10.0.0.130 LEN=44 TOS=0x00 PREC=0x00 TTL=253 ID=51373 PROTO=TCP SPT=50218 DPT=5900 WINDOW=1024 RES=0x00 SYN URGP=0 
[600876.538979] [UFW BLOCK] IN=enp0s3 OUT= MAC=02:00:17:02:76:ad:00:00:17:b9:55:d6:08:00 SRC=74.118.36.15 DST=10.0.0.130 LEN=40 TOS=0x00 PREC=0x00 TTL=58 ID=59050 PROTO=TCP SPT=7527 DPT=23 WINDOW=14663 RES=0x00 SYN URGP=0

Solution

DisableĀ ufw logging using

sudo ufw logging off

and no new messages should appear.