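My Debian 12 Bookworm VPS was running Firewalld 1.3.0-1 without problems. Due to an unrelated issue I had to rebuild the server, and now Firewalld fails.
I use ansible, so the configuration should be the same as before. Some apt dependencies may have changed in the meantime.
To make troubleshooting easier, here is a reproduction:
- I created a brand-new VPS with my hosting company; debian 12
- I logged in as root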
$ apt install firewalld --yes
$ systemctl status firewalld.service
ERROR: 'python-nftables' failed: internal:0:0-0: Error: No such file or directory; did you mean chain ‘nat_PREROUTING’ in table inet ‘firewalld’?
Error: Could not process rule: No such file or directory
Error: No such file or directory; did you mean chain ‘nat_POSTROUTING’ in table inet ‘firewalld’?
Error: Could not process rule: No such file or directory
...etc.
My intention is to use iptables rather than nftables (a docker limitation), so:
- I edited /etc/firewalld/firewalld.config and replaced FirewallBackend=nftables with FirewallBackend=iptables
$ systemctl restart firewalld.service
$ systemctl status firewalld.service
ERROR: '/usr/sbin/iptables-restore -w -n' failed: iptables-restore v1.8.9 (nf_tables):
CHAIN_ADD failed (No such file or directory): chain PREROUTING
RULE_APPEND failed (No such file or directory): rule in chain PREROUTING
RULE_APPEND failed (No such file or directory): rule in chain PREROUTING
CHAIN_ADD failed (No such file or directory): chain POSTROUTING
RULE_APPEND failed (No such file or directory): rule in chain POSTROUTING
RULE_APPEND failed (No such file or directory): rule in chain POSTROUTING
CHAIN_ADD failed (No such file or directory): chain OUTPUT
RULE_APPEND failed (No such file or directory): rule in chain OUTPUT
RULE_APPEND failed (No such file or directory): rule in chain OUTPUT
...etc.
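I don't understand, because it worked before. As you can see, this is a brand-new server with nothing installed and nothing else configured. I expected it to work "out of the box".
What am I doing wrong?
(Also posted to the repo.)
Answer 1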
I fixed this with a simple reboot.
Then
$ systemctl status firewalld.service
shows that firewalld is running:
Active: active (running) since Mon 2023-08-07 04:34:46 UTC; 31s ago
So unexpected!