UFW Log – Why Am I Getting [UFW BLOCK] in Syslogs?


I wonder why I get this error on my syslogs:

[7732763.396193] [UFW BLOCK] IN=eth0 OUT= MAC=02:8b:1a:75:d5:7b:02:8b:1a:40:00:03:08:00 SRC=x.x.x.x DST=x.x.x.x LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=53703 DF PROTO=TCP SPT=35651 DPT=8443 WINDOW=457 RES=0x00 ACK RST URGP=0 

I have just enabled the ufw. This error means that something going wrong?

Best Answer

Well, it means that ufw blocked a connection from SRC to DST on TCP Port 8443. Unless you wanted this connection to be successful it is not a bad thing.

Port 8443 is mainly used by webservices, for example it is used by VMware ESXi, or some (HTTPS) Application Servers.

You can check if your box is running anything on that port by issueing sudo netstat -tulpen | grep 8443

