TW:

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

TW:

amab
Hi,

when adding a rule to a previously defined chain with firewall-cmd --direct
this fails with Error: COMMAND_FAILED

# firewall-cmd --direct --add-chain ipv4 filter IN_home_lpt
success
# firewall-cmd --direct --add-rule ipv4 filter IN_home_lpt 20 '-j IN_home_lpt'
Error: COMMAND_FAILED

debugging output of firewalld is
..
 DEBUG2: <class 'firewall.core.ipXtables.ip4tables'>: /usr/sbin/iptables-
restore /run/firewalld/temp.h2n5ztp6: 49
       1: *filter
       2: -I IN_home_lpt 1 "-j IN_home_lpt"
       3: COMMIT
 WARNING: '/usr/sbin/iptables-restore --wait=2 -n' failed: /usr/sbin/iptables-
restore: unrecognized option '--wait=2'
iptables-restore v1.6.1: Invalid target name ` IN_home_lpt'
Error occurred at line: 2
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
 ERROR: COMMAND_FAILED

With iptables v1.6.1 (currrent TW), iptables-restore doesn't support option --
wait.

Is this a version-mismatch in TW or a bug of firewall-cmd?.

Regards
mab


--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]