root@love:~# firewall-cmd --reload
Error: COMMAND_FAILED: ‘/usr/sbin/ip6tables-restore -w -n’ failed: ip6tables-restore v1.8.2 (nf_tables):
line 4: RULE_REPLACE failed (No such file or directory): rule in chain INPUT
line 4: RULE_REPLACE failed (No such file or directory): rule in chain OUTPUT
Reboot. → still no change.
On a different note (maybe a bug?) just FYI:
I just updated Webmin and now Webmin > Networking > Firewalld is stuck on the notice that the Firewalld server needs to be started. I keep clicking the green button to start Firewalld, but it doesn’t ever progress from there.
Now, I’m not sure if firewalld is totally messed up:
root@love:~# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2022-05-02 11:07:00 PDT; 37min ago
Docs: man:firewalld(1)
Main PID: 400 (firewalld)
Tasks: 2 (limit: 4915)
Memory: 40.8M
CGroup: /system.slice/firewalld.service
└─400 /usr/bin/python3 /usr/sbin/firewalld --nofork --nopid
May 02 11:06:56 love.radhify.com systemd[1]: Starting firewalld - dynamic firewall daemon…
May 02 11:07:00 love.radhify.com systemd[1]: Started firewalld - dynamic firewall daemon.
May 02 11:20:05 love.radhify.com firewalld[400]: WARNING: ALREADY_ENABLED: 1090:tcp
May 02 11:20:17 love.radhify.com firewalld[400]: ERROR: ‘/usr/sbin/iptables-restore -w -n’ failed: iptables-restore v1.8.2 (nf_tables):
line 4: RULE_REPLACE failed (No such file or directory): rule in chain INPUT
line 4: RULE_REPLACE failed (No such file or directory): rule in chain OUTPUT
May 02 11:20:17 love.radhify.com firewalld[400]: ERROR: ‘/usr/sbin/ip6tables-restore -w -n’ failed: ip6tables-restore v1.8.2 (nf_tables):
line 4: RULE_REPLACE failed (No such file or directory): rule in chain INPUT
line 4: RULE_REPLACE failed (No such file or directory): rule in chain OUTPUT
May 02 11:20:17 love.radhify.com firewalld[400]: ERROR: ‘/usr/sbin/iptables-restore -w -n’ failed: iptables-restore v1.8.2 (nf_tables): Chain already exists
May 02 11:20:17 love.radhify.com firewalld[400]: ERROR: ‘/usr/sbin/ip6tables-restore -w -n’ failed: ip6tables-restore v1.8.2 (nf_tables): Chain already exists
May 02 11:20:17 love.radhify.com firewalld[400]: WARNING: COMMAND_FAILED: ‘/usr/sbin/ip6tables-restore -w -n’ failed: ip6tables-restore v1.8.2 (nf_tables): Chain already exists
May 02 11:20:17 love.radhify.com firewalld[400]: ERROR: COMMAND_FAILED: ‘/usr/sbin/ip6tables-restore -w -n’ failed: ip6tables-restore v1.8.2 (nf_tables):
line 4: RULE_REPLACE failed (No such file or directory): rule in chain INPUT
line 4: RULE_REPLACE failed (No such file or directory): rule in chain OUTPUT
root@love:~#
Does anyone have any troubleshooting suggestions on what I need to do to open TCP port 1090?
1090 is above 1024, and that’s not really a golden rule, it’s a permissions thing in UNIX going back decades.
Users are not allowed to bind to ports up to 1024 in order to prevent them from squatting on important system services, and were (by default) allowed to start things on high ports because nothing important ran there. That’s a historic convention, and the system administration has always been able to decide what goes on low ports.
Whether an administrator decides to open low ports (or high ports) is entirely up to them.
I believe the default firewall we set up already opens the high ports, by default. So, the answer to how to open port 1090 is “do nothing, it’s already open”.
In your case, it kinda looks like one of two things is happening:
1. What you think the service is doing with port 1090 is not actually what it is doing.
2. The service is not actually starting.
“Open” port does not mean “listening” port. An open firewall port with no service listening on that port does literally nothing.
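The distinction drawn in the reply above, as an added example that is not part of the original thread: a shell sketch that checks separately whether firewalld permits a port and whether anything is listening on it. The function names and the sample `ss -ltn` and `firewall-cmd --list-ports` output are constructed for illustration; the port range in the sample is an assumption, not this server's actual configuration.

```shell
#!/bin/sh
# Added example: "allowed by firewalld" and "something is listening" are separate checks.

# listener_state PORT  (stdin: output of `ss -ltn`) -> none | loopback | reachable
listener_state() {
    awk -v port="$1" '
        $1 != "LISTEN" { next }              # also skips the header line
        {
            n = split($4, p, ":")            # $4 is Local Address:Port
            if (p[n] != port) next
            addr = substr($4, 1, length($4) - length(p[n]) - 1)
            if (addr ~ /^127\./ || addr == "[::1]") { lo = 1 } else { pub = 1 }
        }
        END { print (pub ? "reachable" : (lo ? "loopback" : "none")) }'
}

# firewalld_allows PORT PROTO  (stdin: output of `firewall-cmd --list-ports`)
# Exit 0 if PORT/PROTO is listed on its own or inside a listed range.
# Ports opened through services or rich rules are not covered here.
firewalld_allows() {
    tr ' ' '\n' | awk -F'[-/]' -v port="$1" -v proto="$2" '
        NF == 2 && $2 == proto && $1 + 0 == port + 0 { ok = 1 }
        NF == 3 && $3 == proto && port + 0 >= $1 + 0 && port + 0 <= $2 + 0 { ok = 1 }
        END { exit !ok }'
}

# diagnose PORT PROTO SS_OUTPUT FIREWALLD_PORTS -> one-line verdict
diagnose() {
    state=$(printf '%s\n' "$3" | listener_state "$1")
    if printf '%s\n' "$4" | firewalld_allows "$1" "$2"; then fw=allowed; else fw=blocked; fi
    echo "port=$1/$2 listener=$state firewall=$fw"
}

# Constructed sample data (not taken from the server in this thread).
SAMPLE_SS='State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       128     127.0.0.1:3306      0.0.0.0:*
LISTEN  0       128     [::]:10000          [::]:*'
SAMPLE_FW='22/tcp 10000/tcp 1025-65535/tcp'

diagnose 1090 tcp "$SAMPLE_SS" "$SAMPLE_FW"   # allowed, but nothing is listening
diagnose 3306 tcp "$SAMPLE_SS" "$SAMPLE_FW"   # allowed, but bound to loopback only

# On a live host (as root):
#   diagnose 1090 tcp "$(ss -ltn)" "$(firewall-cmd --list-ports)"
```

A result of listener=none with firewall=allowed points at the service, not the firewall; listener=loopback means the service is running but only accepts local connections.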
@Joe crap, I ain’t had my glasses on… seen a totally different number. No explanation needed, at least for me. Well, thanks for letting me know that I was wrong.