OpenVZ Forum


Home » General » Support » Trouble using iptables with Centos 8
Trouble using iptables with Centos 8 [message #53667] Fri, 24 July 2020 11:31
javii is currently offline  javii
Messages: 13
Registered: October 2016
Junior Member
Hi, I installed iptables-services with dnf in a default Centos 8 container.

But when trying to start the service:

CT-1011 /# service iptables start
Redirecting to /bin/systemctl start iptables.service
Job for iptables.service failed because the control process exited with error code.
See "systemctl status iptables.service" and "journalctl -xe" for details.


CT-1011 /# service iptables status
Redirecting to /bin/systemctl status iptables.service
● iptables.service - IPv4 firewall with iptables
   Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Fri 2020-07-24 13:25:39 CEST; 35s ago
  Process: 103 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=1/FAILURE)
 Main PID: 103 (code=exited, status=1/FAILURE)

Jul 24 13:25:39 localhost.localdomain systemd[1]: Starting IPv4 firewall with iptables...
Jul 24 13:25:39 localhost.localdomain iptables.init[103]: iptables: Applying firewall rules: iptables-restore v1.8.4 (nf_tables):
Jul 24 13:25:39 localhost.localdomain iptables.init[103]: line 3: CHAIN_UPDATE failed (No such file or directory): chain INPUT
Jul 24 13:25:39 localhost.localdomain iptables.init[103]: line 4: CHAIN_UPDATE failed (No such file or directory): chain FORWARD
Jul 24 13:25:39 localhost.localdomain iptables.init[103]: line 5: CHAIN_UPDATE failed (No such file or directory): chain OUTPUT
Jul 24 13:25:39 localhost.localdomain iptables.init[103]: [FAILED]
Jul 24 13:25:39 localhost.localdomain systemd[1]: iptables.service: Main process exited, code=exited, status=1/FAILURE
Jul 24 13:25:39 localhost.localdomain systemd[1]: iptables.service: Failed with result 'exit-code'.
Jul 24 13:25:39 localhost.localdomain systemd[1]: Failed to start IPv4 firewall with iptables.


It can also be reproduced with:
CT-1011 /# iptables-restore /etc/sysconfig/iptables
iptables-restore v1.8.4 (nf_tables):
line 3: CHAIN_UPDATE failed (No such file or directory): chain INPUT
line 4: CHAIN_UPDATE failed (No such file or directory): chain FORWARD
line 5: CHAIN_UPDATE failed (No such file or directory): chain OUTPUT


CT-1011 /# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.8.4 on Fri Jul 24 03:19:01 2020
*filter
:INPUT ACCEPT [4:318]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [4:254]
COMMIT
# Completed on Fri Jul 24 03:19:01 2020
# Generated by iptables-save v1.8.4 on Fri Jul 24 03:19:01 2020
*security
:INPUT ACCEPT [67278:9025467]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [63785:23076552]
COMMIT
# Completed on Fri Jul 24 03:19:01 2020
# Generated by iptables-save v1.8.4 on Fri Jul 24 03:19:01 2020
*raw
:PREROUTING ACCEPT [5:663]
:OUTPUT ACCEPT [4:254]
COMMIT
# Completed on Fri Jul 24 03:19:01 2020
# Generated by iptables-save v1.8.4 on Fri Jul 24 03:19:01 2020
*mangle
:PREROUTING ACCEPT [5:663]
:INPUT ACCEPT [4:318]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [4:254]
:POSTROUTING ACCEPT [4:254]
COMMIT
# Completed on Fri Jul 24 03:19:01 2020
# Generated by iptables-save v1.8.4 on Fri Jul 24 03:19:01 2020
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Fri Jul 24 03:19:01 2020


I have verified that this works in a Centos 8 VM (not container).
Previous Topic: vzpkg clean error
Next Topic: Unable to connect to Parallels Server
Goto Forum:
  


Current Time: Tue Mar 19 07:00:59 GMT 2024

Total time taken to generate the page: 0.02530 seconds