UFW blocking random packets on 443
Posted by s2jcpete on Ask Ubuntu
Published on 2013-10-31T12:48:30Z
networking | firewall
All, I have UFW set up to allow traffic on port 443. It works as expected, though I have a large amount of UFW Block log entries.
To                         Action      From
--                         ------      ----
80                         ALLOW       Anywhere
443                        ALLOW       Anywhere
22222                      ALLOW       Anywhere
80                         ALLOW       Anywhere (v6)
443                        ALLOW       Anywhere (v6)
22222                      ALLOW       Anywhere (v6)
However in my syslog file I see this:
[UFW BLOCK] IN=eth0 OUT= MAC=XXX SRC=<foreignip> DST=<serverip> LEN=40 TOS=0x00 PREC=0x00 TTL=116 ID=22025 DF PROTO=TCP SPT=49622 DPT=443 WINDOW=0 RES=0x00 ACK RST URGP=0
About 30 or so seconds later pound (which I'm using for SSL decryption and port redirection) throws a connection timed out message. I'm assuming this is because UFW is blocking the packet.
I'm at a loss as to an explanation. Could the packet be malformed or something? Is this normal?
Edit - I have since changed the /etc/defaults/ufw and set ipv6=no, so the v6 rules are no longer in the mix. The server is still showing the block / connection timed out behavior though.
The new ufw status output is:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip
To                         Action      From
--                         ------      ----
80                         ALLOW IN    Anywhere
443                        ALLOW IN    Anywhere
22222                      ALLOW IN    Anywhere
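
A way to triage entries like the one quoted in the question, as an added example that is not part of the original post: it parses UFW log lines and counts blocked TCP packets by destination port and flag set, separating connection attempts (SYN without ACK) from packets such as the ACK RST above. The first sample line is the one from the post; the other two lines and all function names are constructed for illustration.

```python
import re
from collections import Counter

# Bare tokens (no "=") that the netfilter LOG target prints for TCP flags.
TCP_FLAGS = ("CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN")
UFW_TAG = re.compile(r"\[UFW (\w+)\]")

# Sample input: the first line is the entry quoted in the post; the other
# two are constructed, using documentation-range addresses.
SAMPLE_LOG = """\
[UFW BLOCK] IN=eth0 OUT= MAC=XXX SRC=<foreignip> DST=<serverip> LEN=40 TOS=0x00 PREC=0x00 TTL=116 ID=22025 DF PROTO=TCP SPT=49622 DPT=443 WINDOW=0 RES=0x00 ACK RST URGP=0
[UFW BLOCK] IN=eth0 OUT= MAC=XXX SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4411 DF PROTO=TCP SPT=51514 DPT=23 WINDOW=29200 RES=0x00 SYN URGP=0
[UFW BLOCK] IN=eth0 OUT= MAC=XXX SRC=198.51.100.9 DST=192.0.2.10 LEN=40 TOS=0x00 PREC=0x00 TTL=117 ID=903 DF PROTO=TCP SPT=50001 DPT=443 WINDOW=0 RES=0x00 ACK RST URGP=0
"""

def parse_ufw_line(line):
    """Return a dict for one UFW log line, or None if it is not one."""
    tag = UFW_TAG.search(line)
    if not tag:
        return None
    tokens = line[tag.end():].split()
    entry = {"action": tag.group(1)}
    # KEY=value tokens become fields; "OUT=" yields an empty string.
    for tok in tokens:
        if "=" in tok:
            key, _, value = tok.partition("=")
            entry[key] = value
    entry["flags"] = tuple(f for f in TCP_FLAGS if f in tokens)
    # A SYN without ACK opens a connection; any other TCP packet
    # refers to a connection that is supposed to exist already.
    entry["new_connection"] = "SYN" in entry["flags"] and "ACK" not in entry["flags"]
    return entry

def summarize(log_text):
    """Count blocked TCP packets by (destination port, flag set)."""
    counts = Counter()
    for line in log_text.splitlines():
        e = parse_ufw_line(line)
        if e and e["action"] == "BLOCK" and e.get("PROTO") == "TCP":
            counts[(int(e["DPT"]), "+".join(e["flags"]))] += 1
    return counts

if __name__ == "__main__":
    for (port, flags), n in summarize(SAMPLE_LOG).most_common():
        print(f"DPT={port:<6} flags={flags:<10} blocked={n}")
```

On a real host, pass the contents of the syslog file to `summarize` in place of `SAMPLE_LOG`.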