Major Bug: UFW stopped thru logrotate

On Debian Sid i have seen that ufw service is stopped on logrotate!!

Its a bad known bug! REMARK ufw 3.5.X fails with iptables 1.8! Cause iptables 1.8.1 is very BUGGY! USE 1.6!
Bugreport

Workaround:

  • Set all Services like Dovecot, Postfix to listen on LOCALHOST (127.0.0.1) if not needed over Internet
  • Enable ONLY encrypted AUTH (Login) to Postfix! (TLS 1.2)
  • Disable unneeded Services ! like Samba, FTP…
  • move config from /etc/logrotate.d/ufw to /root/ to disable ufw logrotate !!
  • edit /etc/ufw/ufw.conf set LOGLEVEL to „off“
  • restart the Server and check open Ports next Days from outside with:

$sudo nmap -PN my.server.com