Hi list,
I've compiled and installed firewalld-0.7.0 on my linux system (linux-4.20.12), with no obvious errors during the built. When I start firewalld with
# systemctl start firewalld
I get
# systemctl status firewalld ERROR: '/sbin/nft add chain ip6 firewalld nat_PREROUTING { type nat hook prerouting priority -90 ; }' failed: Error: Could not process rule: No such file or directory
When I inspect the nft tables afterwards, I get
# nft list tables table inet firewalld table ip firewalld table ip6 firewalld
# nft list table inet firewalld table inet firewalld { chain raw_PREROUTING { type filter hook prerouting priority raw + 10; policy accept; }
chain mangle_PREROUTING { type filter hook prerouting priority mangle + 10; policy accept; } }
# nft list table ip firewalld table ip firewalld { chain nat_PREROUTING { type nat hook prerouting priority dstnat + 10; policy accept; }
chain nat_POSTROUTING { type nat hook postrouting priority srcnat + 10; policy accept; } }
# nft list table ip6 firewalld table ip6 firewalld { }
What is the problem here? nft seems to be working to some degree, but for some reason the ip6 table is not created. Thanks a lot,
Hans
On Sat, Jul 20, 2019 at 02:34:55AM +0000, Hans Malissa wrote:
Hi list,
I've compiled and installed firewalld-0.7.0 on my linux system (linux-4.20.12), with no obvious errors during the built. When I start firewalld with
# systemctl start firewalld
I get
# systemctl status firewalld ERROR: '/sbin/nft add chain ip6 firewalld nat_PREROUTING { type nat hook prerouting priority -90 ; }' failed: Error: Could not process rule: No such file or directory
When I inspect the nft tables afterwards, I get
# nft list tables table inet firewalld table ip firewalld table ip6 firewalld
# nft list table inet firewalld table inet firewalld { chain raw_PREROUTING { type filter hook prerouting priority raw + 10; policy accept; }
chain mangle_PREROUTING { type filter hook prerouting priority mangle + 10; policy accept; } }
# nft list table ip firewalld table ip firewalld { chain nat_PREROUTING { type nat hook prerouting priority dstnat + 10; policy accept; }
chain nat_POSTROUTING { type nat hook postrouting priority srcnat + 10; policy accept; } }
# nft list table ip6 firewalld table ip6 firewalld { }
What is the problem here? nft seems to be working to some degree, but for some reason the ip6 table is not created. Thanks a lot,
It likely means your kernel does not support IPv6 or the IPv6 for netfilter/nftables is not enabled.
Maybe try a new kernel. Are you building your own?
firewalld-users@lists.fedorahosted.org