
this is in RHEL-8.10 x86-64

from a clean install from rhel-8.10-x86_64-dvd.iso and only using the public.xml file;

the only things I do are

# quad port nic with eno4 being my wan connection

firewall-cmd --zone=public --add-interface=eno4   # if needed

firewall-cmd --zone=public --add-port=445/tcp
firewall-cmd --zone=public --add-port=2049/tcp
firewall-cmd --zone=public --add-port=8443/tcp

firewall-cmd --runtime-to-permanent
firewall-cmd --zone=public --list-all

everything then lists out as expected, and everything works. After some amount of time and users doing whatever they do on the system, samba and our vnc connection fail. Upon troubleshooting:

  • firewall-cmd --list-all shows only what the default public.xml has coming from install time, which is only ssh, cockpit, dhcpv6-client; my 445, 2049, 8443 are gone
  • we can successfully do systemctl stop firewalld and then samba, nfs, vnc connections immediately work
  • trying systemctl start firewalld repeatedly fails with a simple timeout error.
  • trying any subsequent firewall-cmd results in some sort of red text of errors centered around python-nftables and error: command not found
  • a simple reboot fixes everything
    • I didn't have a chance to copy the exact firewalld python-nftables error message in red text

any insight as to the cause of the described error and potential fixes that would make it so we wouldn't have to reboot would be cool.

  • Look at service firewall status, and sudo journalctl -b 0 -u firewalld to get more data. Commented Oct 13 at 16:37
