John - ufw problems

1. Output of sudo iptables --list -n:
2.  
3.  
4. Chain INPUT (policy DROP)
5. target prot opt source destination
6. ufw-before-logging-input all -- 0.0.0.0/0 0.0.0.0/0
7. ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0
8. ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0
9. ufw-after-logging-input all -- 0.0.0.0/0 0.0.0.0/0
10. ufw-reject-input all -- 0.0.0.0/0 0.0.0.0/0
11. ufw-track-input all -- 0.0.0.0/0 0.0.0.0/0
12.  
13. Chain FORWARD (policy DROP)
14. target prot opt source destination
15. ufw-before-logging-forward all -- 0.0.0.0/0 0.0.0.0/0
16. ufw-before-forward all -- 0.0.0.0/0 0.0.0.0/0
17. ufw-after-forward all -- 0.0.0.0/0 0.0.0.0/0
18. ufw-after-logging-forward all -- 0.0.0.0/0 0.0.0.0/0
19. ufw-reject-forward all -- 0.0.0.0/0 0.0.0.0/0
20.  
21. Chain OUTPUT (policy ACCEPT)
22. target prot opt source destination
23. ufw-before-logging-output all -- 0.0.0.0/0 0.0.0.0/0
24. ufw-before-output all -- 0.0.0.0/0 0.0.0.0/0
25. ufw-after-output all -- 0.0.0.0/0 0.0.0.0/0
26. ufw-after-logging-output all -- 0.0.0.0/0 0.0.0.0/0
27. ufw-reject-output all -- 0.0.0.0/0 0.0.0.0/0
28. ufw-track-output all -- 0.0.0.0/0 0.0.0.0/0
29.  
30. Chain ufw-after-forward (1 references)
31. target prot opt source destination
32.  
33. Chain ufw-after-input (1 references)
34. target prot opt source destination
35.  
36. Chain ufw-after-logging-forward (1 references)
37. target prot opt source destination
38. LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK] '
39.  
40. Chain ufw-after-logging-input (1 references)
41. target prot opt source destination
42. LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK] '
43.  
44. Chain ufw-after-logging-output (1 references)
45. target prot opt source destination
46.  
47. Chain ufw-after-output (1 references)
48. target prot opt source destination
49.  
50. Chain ufw-before-forward (1 references)
51. target prot opt source destination
52. ufw-user-forward all -- 0.0.0.0/0 0.0.0.0/0
53.  
54. Chain ufw-before-input (1 references)
55. target prot opt source destination
56. ufw-user-input all -- 0.0.0.0/0 0.0.0.0/0
57.  
58. Chain ufw-before-logging-forward (1 references)
59. target prot opt source destination
60.  
61. Chain ufw-before-logging-input (1 references)
62. target prot opt source destination
63.  
64. Chain ufw-before-logging-output (1 references)
65. target prot opt source destination
66.  
67. Chain ufw-before-output (1 references)
68. target prot opt source destination
69. ufw-user-output all -- 0.0.0.0/0 0.0.0.0/0
70.  
71. Chain ufw-logging-allow (0 references)
72. target prot opt source destination
73. LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW ALLOW] '
74.  
75. Chain ufw-logging-deny (0 references)
76. target prot opt source destination
77. RETURN all -- 0.0.0.0/0 0.0.0.0/0 state INVALID limit: avg 3/min burst 10
78. LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK] '
79.  
80. Chain ufw-reject-forward (1 references)
81. target prot opt source destination
82.  
83. Chain ufw-reject-input (1 references)
84. target prot opt source destination
85.  
86. Chain ufw-reject-output (1 references)
87. target prot opt source destination
88.  
89. Chain ufw-skip-to-policy-forward (0 references)
90. target prot opt source destination
91. DROP all -- 0.0.0.0/0 0.0.0.0/0
92.  
93. Chain ufw-skip-to-policy-input (0 references)
94. target prot opt source destination
95. DROP all -- 0.0.0.0/0 0.0.0.0/0
96.  
97. Chain ufw-skip-to-policy-output (0 references)
98. target prot opt source destination
99. ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
100.  
101. Chain ufw-track-input (1 references)
102. target prot opt source destination
103.  
104. Chain ufw-track-output (1 references)
105. target prot opt source destination
106. ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
107. ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW
108.  
109. Chain ufw-user-forward (1 references)
110. target prot opt source destination
111.  
112. Chain ufw-user-input (1 references)
113. target prot opt source destination
114. ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
115. ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
116. ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
117. ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
118. ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
119. ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80
120. ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443
121. ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:443
122. ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306
123. ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:3306
124. ACCEPT tcp -- 127.0.0.1 127.0.0.1 tcp dpt:9000
125. ACCEPT udp -- 127.0.0.1 127.0.0.1 udp dpt:9000
126.  
127. Chain ufw-user-limit (0 references)
128. target prot opt source destination
129. LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 0 level 4 prefix `[UFW LIMIT BLOCK] '
130. REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
131.  
132. Chain ufw-user-limit-accept (0 references)
133. target prot opt source destination
134. ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
135.  
136. Chain ufw-user-logging-forward (0 references)
137. target prot opt source destination
138.  
139. Chain ufw-user-logging-input (0 references)
140. target prot opt source destination
141.  
142. Chain ufw-user-logging-output (0 references)
143. target prot opt source destination
144.  
145. Chain ufw-user-output (1 references)
146. target prot opt source destination
147.  
148. ###########################################################
149.  
150. Output of nginx.conf:
151. user www-data;
152. worker_processes 1;
153.  
154. error_log /var/log/nginx/error.log;
155. pid /var/run/nginx.pid;
156.  
157. events {
158. worker_connections 1024;
159. # multi_accept on;
160. }
161.  
162. http {
163. include /etc/nginx/mime.types;
164.  
165. access_log /var/log/nginx/access.log;
166.  
167. sendfile on;
168. #tcp_nopush on;
169.  
170. #keepalive_timeout 0;
171. keepalive_timeout 65;
172. tcp_nodelay on;
173.  
174. gzip on;
175. gzip_disable "MSIE [1-6]\.(?!.*SV1)";
176.  
177. include /etc/nginx/conf.d/*.conf;
178. include /etc/nginx/sites-enabled/*;
179. }
180.  
181. Output of \etc\nginx\fastcgi_params:
182.  
183. fastcgi_pass 127.0.0.1:9000;
184. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
185.  
186. fastcgi_param QUERY_STRING $query_string;
187. fastcgi_param REQUEST_METHOD $request_method;
188. fastcgi_param CONTENT_TYPE $content_type;
189. fastcgi_param CONTENT_LENGTH $content_length;
190.  
191. fastcgi_param SCRIPT_NAME $fastcgi_script_name;
192. fastcgi_param REQUEST_URI $request_uri;
193. fastcgi_param DOCUMENT_URI $document_uri;
194. fastcgi_param DOCUMENT_ROOT $document_root;
195. fastcgi_param SERVER_PROTOCOL $server_protocol;
196.  
197. fastcgi_param GATEWAY_INTERFACE CGI/1.1;
198. fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
199.  
200. fastcgi_param REMOTE_ADDR $remote_addr;
201. fastcgi_param REMOTE_PORT $remote_port;
202. fastcgi_param SERVER_ADDR $server_addr;
203. fastcgi_param SERVER_PORT $server_port;
204. fastcgi_param SERVER_NAME $server_name;
205.  
206. # PHP only, required if PHP was built with --enable-force-cgi-redirect
207. fastcgi_param REDIRECT_STATUS 200;