我有一台 CentOS 服务器,我最近在上面运行了 yum-update,唯一的更新是 centos-release。我应用了更新,但从那以后 FirewallD 就一直报错。
我卸载并重新安装了该软件包,以为我可能只是破坏了配置,但现在,每当我尝试使用服务命令启动 FirewallD 时,都会被告知服务失败,并给出以下输出
Dec 17 15:54:57 DMZ01 systemd[1]: Starting firewalld - dynamic firewall daemon...
-- Subject: Unit firewalld.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit firewalld.service has begun starting up.
Dec 17 15:54:57 DMZ01 systemd[1]: firewalld.service: main process exited, code=exited, status=1/FAILURE
Dec 17 15:54:57 DMZ01 systemd[1]: Failed to start firewalld - dynamic firewall daemon.
-- Subject: Unit firewalld.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit firewalld.service has failed.
--
-- The result is failed.
Dec 17 15:54:57 DMZ01 systemd[1]: Unit firewalld.service entered failed state.
Dec 17 15:54:57 DMZ01 systemd[1]: firewalld.service failed.
运行任何firewall-cmd命令只会告诉我 Firewalld 没有运行。
结果cat /etc/centor-release是:CentOS Linux release 7.9.2009 (Core)
运行firewalld带有--debug参数的命令会立即终止我与服务器的连接并锁定所有传入连接。我必须手动重启服务器才能重新进入。
调试命令的输出转储到此处/var/log/firewalld并可在此处查看:
https://pastebin.com/N81tWkhj
输出/etc/firewalld/zones/public.xml
<?xml version="1.0" encoding="utf-8"?>
<zone target="default">
<short>Public</short>
<description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
<port protocol="tcp" port="21"/>
<port protocol="tcp" port="60000-65335"/>
</zone>