我的 ubuntu 机器的 ufw/iptables 和内核包存在问题。ufw 服务未运行,因为 iptables 无法启动。iptables 因内核问题而失败。重新安装内核后,iptables 和 ufw 可以正常工作。然后重启后,它再次失败。我不知道该如何修复这个问题,以便它在重启后再次正常工作。
这是我的系统:
分销商 ID:Ubuntu 描述:Ubuntu 16.04.3 LTS 发行版:16.04 代号:xenial
任何线索都非常感谢。谢谢。
service ufw start
Job for ufw.service failed because the control process exited with error code. See "systemctl status ufw.service" and "journalctl -xe" for details.
systemctl status ufw.service
● ufw.service - Uncomplicated firewall
Loaded: loaded (/lib/systemd/system/ufw.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Tue 2017-08-22 21:25:48 CEST; 23s ago
Process: 26570 ExecStart=/lib/ufw/ufw-init start quiet (code=exited, status=1/FAILURE)
Main PID: 26570 (code=exited, status=1/FAILURE)
Aug 22 21:25:47 mymachine.mydomain.net ufw-init[26570]: Error occurred at line: 1
Aug 22 21:25:47 mymachine.mydomain.net ufw-init[26570]: Try `iptables-restore -h' or 'iptables-restore --help' for more information.
Aug 22 21:25:48 mymachine.mydomain.net ufw-init[26570]: Problem loading ipv6 (skipping)
Aug 22 21:25:48 mymachine.mydomain.net ufw-init[26570]: Problem running '/etc/ufw/before.rules'
Aug 22 21:25:48 mymachine.mydomain.net ufw-init[26570]: Problem running '/etc/ufw/after.rules'
Aug 22 21:25:48 mymachine.mydomain.net ufw-init[26570]: Problem running '/etc/ufw/user.rules'
Aug 22 21:25:48 mymachine.mydomain.net systemd[1]: ufw.service: Main process exited, code=exited, status=1/FAILURE
Aug 22 21:25:48 mymachine.mydomain.net systemd[1]: Failed to start Uncomplicated firewall.
Aug 22 21:25:48 mymachine.mydomain.net systemd[1]: ufw.service: Unit entered failed state.
Aug 22 21:25:48 mymachine.mydomain.net systemd[1]: ufw.service: Failed with result 'exit-code'.
ls /boot
abi-4.4.0-63-generic config-4.4.0-64-generic initrd.img-4.4.0-64-generic System.map-4.4.0-64-generic vmlinuz-4.4.0-66-generic
abi-4.4.0-64-generic config-4.4.0-66-generic initrd.img-4.4.0-66-generic System.map-4.4.0-66-generic vmlinuz-4.4.0-67-generic
abi-4.4.0-66-generic config-4.4.0-67-generic initrd.img-4.4.0-67-generic System.map-4.4.0-67-generic vmlinuz-4.4.0-70-generic
abi-4.4.0-67-generic config-4.4.0-70-generic initrd.img-4.4.0-70-generic System.map-4.4.0-70-generic vmlinuz-4.4.0-71-generic
abi-4.4.0-70-generic config-4.4.0-71-generic initrd.img-4.4.0-71-generic System.map-4.4.0-71-generic vmlinuz-4.4.0-72-generic
abi-4.4.0-71-generic config-4.4.0-72-generic initrd.img-4.4.0-72-generic System.map-4.4.0-72-generic vmlinuz-4.4.0-75-generic
abi-4.4.0-72-generic config-4.4.0-75-generic initrd.img-4.4.0-75-generic System.map-4.4.0-75-generic vmlinuz-4.4.0-79-generic
abi-4.4.0-75-generic config-4.4.0-79-generic initrd.img-4.4.0-79-generic System.map-4.4.0-79-generic
abi-4.4.0-79-generic grub lost+found vmlinuz-4.4.0-63-generic
config-4.4.0-63-generic initrd.img-4.4.0-63-generic System.map-4.4.0-63-generic vmlinuz-4.4.0-64-generic
sudo apt-get install --reinstall linux-image-$(uname -r)
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
linux-headers-4.4.0-78 linux-headers-4.4.0-78-generic
Use 'sudo apt autoremove' to remove them.
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 4 not upgraded.
Need to get 0 B/21.9 MB of archives.
After this operation, 0 B of additional disk space will be used.
(Reading database ... 312709 files and directories currently installed.)
Preparing to unpack .../linux-image-4.4.0-79-generic_4.4.0-79.100_amd64.deb ...
Done.
Unpacking linux-image-4.4.0-79-generic (4.4.0-79.100) over (4.4.0-79.100) ...
Examining /etc/kernel/postrm.d .
run-parts: executing /etc/kernel/postrm.d/initramfs-tools 4.4.0-79-generic /boot/vmlinuz-4.4.0-79-generic
run-parts: executing /etc/kernel/postrm.d/zz-update-grub 4.4.0-79-generic /boot/vmlinuz-4.4.0-79-generic
Setting up linux-image-4.4.0-79-generic (4.4.0-79.100) ...
Running depmod.
update-initramfs: deferring update (hook will be called later)
Not updating initrd symbolic links since we are being updated/reinstalled
(4.4.0-79.100 was configured last, according to dpkg)
Not updating image symbolic links since we are being updated/reinstalled
(4.4.0-79.100 was configured last, according to dpkg)
Examining /etc/kernel/postinst.d.
run-parts: executing /etc/kernel/postinst.d/apt-auto-removal 4.4.0-79-generic /boot/vmlinuz-4.4.0-79-generic
run-parts: executing /etc/kernel/postinst.d/initramfs-tools 4.4.0-79-generic /boot/vmlinuz-4.4.0-79-generic
update-initramfs: Generating /boot/initrd.img-4.4.0-79-generic
W: mdadm: /etc/mdadm/mdadm.conf defines no arrays.
run-parts: executing /etc/kernel/postinst.d/unattended-upgrades 4.4.0-79-generic /boot/vmlinuz-4.4.0-79-generic
run-parts: executing /etc/kernel/postinst.d/update-notifier 4.4.0-79-generic /boot/vmlinuz-4.4.0-79-generic
run-parts: executing /etc/kernel/postinst.d/zz-update-grub 4.4.0-79-generic /boot/vmlinuz-4.4.0-79-generic
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-4.4.0-79-generic
Found initrd image: /boot/initrd.img-4.4.0-79-generic
Found linux image: /boot/vmlinuz-4.4.0-75-generic
Found initrd image: /boot/initrd.img-4.4.0-75-generic
Found linux image: /boot/vmlinuz-4.4.0-72-generic
Found initrd image: /boot/initrd.img-4.4.0-72-generic
Found linux image: /boot/vmlinuz-4.4.0-71-generic
Found initrd image: /boot/initrd.img-4.4.0-71-generic
Found linux image: /boot/vmlinuz-4.4.0-70-generic
Found initrd image: /boot/initrd.img-4.4.0-70-generic
Found linux image: /boot/vmlinuz-4.4.0-67-generic
Found initrd image: /boot/initrd.img-4.4.0-67-generic
Found linux image: /boot/vmlinuz-4.4.0-66-generic
Found initrd image: /boot/initrd.img-4.4.0-66-generic
Found linux image: /boot/vmlinuz-4.4.0-64-generic
Found initrd image: /boot/initrd.img-4.4.0-64-generic
Found linux image: /boot/vmlinuz-4.4.0-63-generic
Found initrd image: /boot/initrd.img-4.4.0-63-generic
done
service ufw start
service ufw status
● ufw.service - Uncomplicated firewall
Loaded: loaded (/lib/systemd/system/ufw.service; enabled; vendor preset: enabled)
Active: active (exited) since Tue 2017-08-22 21:30:42 CEST; 6s ago
Process: 3165 ExecStart=/lib/ufw/ufw-init start quiet (code=exited, status=0/SUCCESS)
Main PID: 3165 (code=exited, status=0/SUCCESS)
Aug 22 21:30:42 mymachine.mydomain.net systemd[1]: Starting Uncomplicated firewall...
Aug 22 21:30:42 mymachine.mydomain.net systemd[1]: Started Uncomplicated firewall.
reboot
service ufw status
● ufw.service - Uncomplicated firewall
Loaded: loaded (/lib/systemd/system/ufw.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Tue 2017-08-22 21:32:56 CEST; 44s ago
Process: 399 ExecStart=/lib/ufw/ufw-init start quiet (code=exited, status=1/FAILURE)
Main PID: 399 (code=exited, status=1/FAILURE)
Aug 22 21:32:56 mymachine.mydomain.net ufw-init[399]: Error occurred at line: 1
Aug 22 21:32:56 mymachine.mydomain.net ufw-init[399]: Try `iptables-restore -h' or 'iptables-restore --help' for more information.
Aug 22 21:32:56 mymachine.mydomain.net ufw-init[399]: Problem loading ipv6 (skipping)
Aug 22 21:32:56 mymachine.mydomain.net ufw-init[399]: Problem running '/etc/ufw/before.rules'
Aug 22 21:32:56 mymachine.mydomain.net ufw-init[399]: Problem running '/etc/ufw/after.rules'
Aug 22 21:32:56 mymachine.mydomain.net ufw-init[399]: Problem running '/etc/ufw/user.rules'
Aug 22 21:32:56 mymachine.mydomain.net systemd[1]: ufw.service: Main process exited, code=exited, status=1/FAILURE
Aug 22 21:32:56 mymachine.mydomain.net systemd[1]: Failed to start Uncomplicated firewall.
Aug 22 21:32:56 mymachine.mydomain.net systemd[1]: ufw.service: Unit entered failed state.
Aug 22 21:32:56 mymachine.mydomain.net systemd[1]: ufw.service: Failed with result 'exit-code'.
答案1
你的 rc.local 文件中有 iptables 吗?
您必须告诉系统启动 iptables。
问候。