
#1 2018-09-22 18:52:35

bit
Member
From: Jakarta
Registered: 2017-08-02
Posts: 5
Website

[Solved] iptables.service enabled but inactive (dead) after reboot

Hi there,

I set iptables.service to enabled

sudo systemctl enable iptables.service

but after reboot, it seems iptables.service is still inactive. I have to manually start or restart the service.

[bit@bitwise ~]$ sudo systemctl status iptables.service 
● iptables.service - Packet Filtering Framework
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
   Active: inactive (dead)

I have installed firewalld too, if it matters.
Here is the output of

sudo systemctl status firewalld.service

But, I think we can leave docker here. I don't use it.

● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2018-09-23 05:54:06 WIB; 1min 45s ago
     Docs: man:firewalld(1)
 Main PID: 546 (firewalld)
    Tasks: 2 (limit: 4915)
   Memory: 44.6M
   CGroup: /system.slice/firewalld.service
           └─546 /usr/bin/python /usr/bin/firewalld --nofork --nopid

Sep 23 05:54:15 bitwise firewalld[546]: WARNING: COMMAND_FAILED: '/usr/bin/iptables -w2 -t filter -F DOCKER' failed: iptables: No chain/target/match by that>
Sep 23 05:54:15 bitwise firewalld[546]: WARNING: COMMAND_FAILED: '/usr/bin/iptables -w2 -t filter -X DOCKER' failed: iptables: No chain/target/match by that>
Sep 23 05:54:15 bitwise firewalld[546]: WARNING: COMMAND_FAILED: '/usr/bin/iptables -w2 -t filter -F DOCKER-ISOLATION-STAGE-1' failed: iptables: No chain/ta>
Sep 23 05:54:15 bitwise firewalld[546]: WARNING: COMMAND_FAILED: '/usr/bin/iptables -w2 -t filter -X DOCKER-ISOLATION-STAGE-1' failed: iptables: No chain/ta>
Sep 23 05:54:15 bitwise firewalld[546]: WARNING: COMMAND_FAILED: '/usr/bin/iptables -w2 -t filter -F DOCKER-ISOLATION-STAGE-2' failed: iptables: No chain/ta>
Sep 23 05:54:15 bitwise firewalld[546]: WARNING: COMMAND_FAILED: '/usr/bin/iptables -w2 -t filter -X DOCKER-ISOLATION-STAGE-2' failed: iptables: No chain/ta>
Sep 23 05:54:15 bitwise firewalld[546]: WARNING: COMMAND_FAILED: '/usr/bin/iptables -w2 -t filter -F DOCKER-ISOLATION' failed: iptables: No chain/target/mat>
Sep 23 05:54:15 bitwise firewalld[546]: WARNING: COMMAND_FAILED: '/usr/bin/iptables -w2 -t filter -X DOCKER-ISOLATION' failed: iptables: No chain/target/mat>
Sep 23 05:54:15 bitwise firewalld[546]: WARNING: COMMAND_FAILED: '/usr/bin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule>
Sep 23 05:54:16 bitwise firewalld[546]: WARNING: COMMAND_FAILED: '/usr/bin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule>

Thank you in advance!

Last edited by bit (2018-09-23 00:58:57)


Born as a super user. Arch Linux user since 2016.

Offline

#2 2018-09-22 19:46:34

loqs
Member
Registered: 2014-03-06
Posts: 17,378

Re: [Solved] iptables.service enabled but inactive (dead) after reboot

firewalld.service conflicts with iptables.service

Offline
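
The conflict named in the reply above can be checked from the unit files themselves: when one unit declares Conflicts= on another, starting the former stops the latter and vice versa, so the two cannot both stay active. The sketch below is an added example, not part of the thread; the unit file contents are constructed samples and the function names `unit_conflicts` and `enabled_conflicts` are hypothetical.

```shell
# Constructed sample unit files (not copied from any package), written to a
# temporary directory so the check runs offline.
UNIT_DIR=$(mktemp -d)
cat > "$UNIT_DIR/firewalld.service" <<'EOF'
[Unit]
Description=firewalld - dynamic firewall daemon
Conflicts=iptables.service ip6tables.service
[Service]
ExecStart=/usr/bin/firewalld --nofork --nopid
EOF
cat > "$UNIT_DIR/iptables.service" <<'EOF'
[Unit]
Description=Packet Filtering Framework
[Service]
ExecStart=/usr/bin/iptables-restore /etc/iptables/iptables.rules
EOF

# Print every unit named on Conflicts= lines of the [Unit] section, one per line.
unit_conflicts() {
    awk '
        /^\[/ { in_unit = ($0 == "[Unit]"); next }
        in_unit && /^Conflicts=/ {
            sub(/^Conflicts=/, "")
            n = split($0, u, /[ \t]+/)
            for (i = 1; i <= n; i++) if (u[i] != "") print u[i]
        }
    ' "$1"
}

# Given a unit directory and a list of enabled unit names, print "A conflicts B"
# for every pair where both are enabled and A declares Conflicts=B.
enabled_conflicts() {
    dir=$1; shift
    for a in "$@"; do
        [ -f "$dir/$a" ] || continue
        for c in $(unit_conflicts "$dir/$a"); do
            for b in "$@"; do
                [ "$b" = "$c" ] && echo "$a conflicts $b"
            done
        done
    done
    return 0
}

enabled_conflicts "$UNIT_DIR" firewalld.service iptables.service
```

On a live system, `systemctl show -p Conflicts firewalld.service` reports the declared conflicts without parsing files by hand.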

#3 2018-09-22 23:07:00

bit
Member
From: Jakarta
Registered: 2017-08-02
Posts: 5
Website

Re: [Solved] iptables.service enabled but inactive (dead) after reboot

loqs wrote:

firewalld.service conflicts with iptables.service

Yes, you are right!
I just found out right before you posted. Lol.

The problem is, I tried to add rules to allow NFS going through my machine with rules:
https://wiki.archlinux.org/index.php/NFS

-A INPUT -p tcp -m tcp --dport 111 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2049 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 20048 -j ACCEPT
-A INPUT -p udp -m udp --dport 111 -j ACCEPT
-A INPUT -p udp -m udp --dport 2049 -j ACCEPT
-A INPUT -p udp -m udp --dport 20048 -j ACCEPT

I tried to use firewall-cmd (--add-port and --add-service), but no use.
https://unix.stackexchange.com/question … -firewalld

firewall-cmd --permanent --add-service=nfs
firewall-cmd --permanent --add-service=mountd
firewall-cmd --permanent --add-service=rpc-bind
firewall-cmd --reload

Last edited by bit (2018-09-22 23:07:46)


Born as a super user. Arch Linux user since 2016.

Offline

#4 2018-09-22 23:18:10

jasonwryan
Anarchist
From: .nz
Registered: 2009-05-09
Posts: 30,424
Website

Re: [Solved] iptables.service enabled but inactive (dead) after reboot

That's a separate issue: https://wiki.archlinux.org/index.php/Co … ow_to_post


Please remember to mark your thread as [Solved] by editing your first post and prepending it to the title.


Arch + dwm   •   Mercurial repos  •   Surfraw

Registered Linux User #482438

Offline

#5 2018-09-23 00:57:46

bit
Member
From: Jakarta
Registered: 2017-08-02
Posts: 5
Website

Re: [Solved] iptables.service enabled but inactive (dead) after reboot

Thank you, I will mark this post as [Solved].

Last edited by bit (2018-09-23 01:24:23)


Born as a super user. Arch Linux user since 2016.

Offline
