SYSTEM INFORMATION | |
---|---|
Ubuntu server 20.04 running on an OpenVZ VPS. | |
Virtualmin 6.17-3 | |

This is a new install.
I went to Webmin/Networking/FirewallD and attempted to add an allowed port. It showed up in the rules list so I pressed the “apply” button. I say apply 'cause I don’t recall the exact name.
Now there are no rules listed and `iptables -L` gives me the basics:

```
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
```

So I attempted to add it again and see what happens. FirewallD isn’t running, so the button now reads Start FirewallD. When I press it, it just refreshes the screen, and a `systemctl status firewalld` returns:

```
Jan 20 18:57:20 linux.2a6055.com systemd[1]: Starting firewalld - dynamic firewall daemon...
Jan 20 18:57:21 linux.2a6055.com systemd[1]: Started firewalld - dynamic firewall daemon.
Jan 20 18:59:45 linux.2a6055.com firewalld[39304]: WARNING: ALREADY_ENABLED: 'ssh' already in 'public'
Jan 20 18:59:46 linux.2a6055.com firewalld[39304]: WARNING: ALREADY_ENABLED: ssh
Jan 20 19:00:08 linux.2a6055.com firewalld[39304]: WARNING: ZONE_ALREADY_SET: public
Jan 20 19:40:15 linux.2a6055.com firewalld[39304]: WARNING: ALREADY_ENABLED: ssh
Jan 20 19:41:38 linux.2a6055.com firewalld[39304]: ERROR: '/usr/sbin/ebtables-restore --noflush' failed: ebtables-restore v1.8.4 (nf_tables):
line 3: CHAIN_USER_DEL failed (Device or resource busy): chain PREROUTING_direct
line 3: CHAIN_USER_DEL failed (Device or resource busy): chain POSTROUTING_direct
line 3: CHAIN_USER_DEL failed (Device or resource busy): chain OUTPUT_direct
line 7: CHAIN_USER_DEL failed (Device or resource busy): chain INPUT_direct
line 7: CHAIN_USER_DEL failed (Device or resource busy): chain OUTPUT_direct
```

I omitted the first few lines.
It doesn’t look like firewalld is ready for prime time. Should I disable firewalld and install ufw? Or maybe go back to plain vanilla iptables?
I also observed that the FirewallBackend in the config file is iptables. However, the above error message refers to nf_tables.
Thanks,
Jim.