我的 Debian 12 Bookworm VPS 运行防火墙 1.3.0-1 没有问题。由于不相关的问题,我不得不重建服务器,现在firewalld失败了。
我使用ansible,所以配置应该和之前的一样。也许一些适当的依赖关系在此期间发生了变化。
为了更轻松地排除故障,这里有一个重现:
- 我与我的托管公司创建了一个全新的 VPS ;Debian 12
- 我以 root 身份登录
$ apt install firewalld --yes$ systemctl status firewalld.service
ERROR: 'python-nftables' failed: internal:0:0-0: Error: No such file or directory; did you mean chain ‘nat_PREROUTING’ in table inet ‘firewalld’?
Error: Could not process rule: No such file or directory
Error: No such file or directory; did you mean chain ‘nat_POSTROUTING’ in table inet ‘firewalld’?
Error: Could not process rule: No such file or directory
...etc.
我的目的是使用 iptables 而不是 nftables (docker 限制),所以:
- 我编辑
/etc/firewalld/firewalld.config并替换FirewallBackend=nftables为FirewallBackend=iptables $ systemctl restart firewalld.service$ systemctl status firewalld.service
ERROR: '/usr/sbin/iptables-restore -w -n' failed: iptables-restore v1.8.9 (nf_tables):
CHAIN_ADD failed (No such file or directory): chain PREROUTING
RULE_APPEND failed (No such file or directory): rule in chain PREROUTING
RULE_APPEND failed (No such file or directory): rule in chain PREROUTING
CHAIN_ADD failed (No such file or directory): chain POSTROUTING
RULE_APPEND failed (No such file or directory): rule in chain POSTROUTING
RULE_APPEND failed (No such file or directory): rule in chain POSTROUTING
CHAIN_ADD failed (No such file or directory): chain OUTPUT
RULE_APPEND failed (No such file or directory): rule in chain OUTPUT
RULE_APPEND failed (No such file or directory): rule in chain OUTPUT
...etc.
我不明白,因为它之前工作过。正如您所看到的,这是一个全新的服务器,没有安装任何东西,也没有配置任何其他东西。我希望它能够“开箱即用”。
我做错了什么?
(也发布到repo。)
我通过简单的重新启动就解决了这个问题。
然后
$ systemctl status firewalld.service显示firewalld正在运行:多么出乎意料啊!