
firewalld on Debian 12


David Mehler

Jul 8, 2023, 2:20:07 AM
Hello,

I'm trying to get firewalld going on Debian 12. I'm getting a Python
error and I've seen it on Google searches but not found a resolution.
Any suggestions welcome. Here's the complete log.
Thanks.
Dave.

root@hostname:/etc/ssh#cat /etc/debian_version
12.0
root@hostname:~#apt install firewalld
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
gir1.2-nm-1.0 ipset iptables libipset13 libnftables1 libnm0 nftables
python3-attr python3-cap-ng python3-firewall python3-idna
python3-json-pointer python3-jsonschema python3-nftables
python3-pyrsistent python3-rfc3987 python3-uritemplate python3-webcolors
Suggested packages:
python-attr-doc python-jsonschema-doc
The following NEW packages will be installed:
firewalld gir1.2-nm-1.0 ipset iptables libipset13 libnftables1 libnm0
nftables python3-attr python3-cap-ng python3-firewall python3-idna
python3-json-pointer python3-jsonschema python3-nftables
python3-pyrsistent python3-rfc3987 python3-uritemplate python3-webcolors
0 upgraded, 19 newly installed, 0 to remove and 0 not upgraded.
Need to get 2171 kB of archives.
After this operation, 11.4 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 https://ftp.debian.org/debian bookworm-proposed-updates/main amd64 libnftables1 amd64 1.0.6-2+deb12u1 [298 kB]
Get:2 https://ftp.debian.org/debian bookworm-proposed-updates/main amd64 nftables amd64 1.0.6-2+deb12u1 [70.1 kB]
Get:3 https://ftp.debian.org/debian bookworm/main amd64 libnm0 amd64 1.42.4-1 [436 kB]
Get:4 https://ftp.debian.org/debian bookworm/main amd64 gir1.2-nm-1.0 amd64 1.42.4-1 [77.3 kB]
Get:5 https://ftp.debian.org/debian bookworm/main amd64 python3-attr all 22.2.0-1 [65.4 kB]
Get:6 https://ftp.debian.org/debian bookworm/main amd64 python3-pyrsistent amd64 0.18.1-1+b3 [60.0 kB]
Get:7 https://ftp.debian.org/debian bookworm/main amd64 python3-jsonschema all 4.10.3-1 [67.9 kB]
Get:8 https://ftp.debian.org/debian bookworm-proposed-updates/main amd64 python3-nftables amd64 1.0.6-2+deb12u1 [15.3 kB]
Get:9 https://ftp.debian.org/debian bookworm/main amd64 python3-firewall all 1.3.0-1 [131 kB]
Get:10 https://ftp.debian.org/debian bookworm/main amd64 firewalld all 1.3.0-1 [368 kB]
Get:11 https://ftp.debian.org/debian bookworm/main amd64 libipset13 amd64 7.17-1 [67.5 kB]
Get:12 https://ftp.debian.org/debian bookworm/main amd64 ipset amd64 7.17-1 [45.7 kB]
Get:13 https://ftp.debian.org/debian bookworm/main amd64 iptables amd64 1.8.9-2 [360 kB]
Get:14 https://ftp.debian.org/debian bookworm/main amd64 python3-cap-ng amd64 0.8.3-1+b3 [21.5 kB]
Get:15 https://ftp.debian.org/debian bookworm/main amd64 python3-idna all 3.3-1 [39.4 kB]
Get:16 https://ftp.debian.org/debian bookworm/main amd64 python3-json-pointer all 2.3-2 [15.1 kB]
Get:17 https://ftp.debian.org/debian bookworm/main amd64 python3-rfc3987 all 1.3.8-2 [8816 B]
Get:18 https://ftp.debian.org/debian bookworm/main amd64 python3-uritemplate all 4.1.1-2 [10.9 kB]
Get:19 https://ftp.debian.org/debian bookworm/main amd64 python3-webcolors all 1.11.1-1 [12.7 kB]
Fetched 2171 kB in 1s (3304 kB/s)

Selecting previously unselected package libnftables1:amd64.
(Reading database ... 37406 files and directories currently installed.)
Preparing to unpack .../00-libnftables1_1.0.6-2+deb12u1_amd64.deb ...
Unpacking libnftables1:amd64 (1.0.6-2+deb12u1) ...
Selecting previously unselected package nftables.
Preparing to unpack .../01-nftables_1.0.6-2+deb12u1_amd64.deb ...
Unpacking nftables (1.0.6-2+deb12u1) ...
Selecting previously unselected package libnm0:amd64.
Preparing to unpack .../02-libnm0_1.42.4-1_amd64.deb ...
Unpacking libnm0:amd64 (1.42.4-1) ...
Selecting previously unselected package gir1.2-nm-1.0:amd64.
Preparing to unpack .../03-gir1.2-nm-1.0_1.42.4-1_amd64.deb ...
Unpacking gir1.2-nm-1.0:amd64 (1.42.4-1) ...
Selecting previously unselected package python3-attr.
Preparing to unpack .../04-python3-attr_22.2.0-1_all.deb ...
Unpacking python3-attr (22.2.0-1) ...
Selecting previously unselected package python3-pyrsistent:amd64.
Preparing to unpack .../05-python3-pyrsistent_0.18.1-1+b3_amd64.deb ...
Unpacking python3-pyrsistent:amd64 (0.18.1-1+b3) ...
Selecting previously unselected package python3-jsonschema.
Preparing to unpack .../06-python3-jsonschema_4.10.3-1_all.deb ...
Unpacking python3-jsonschema (4.10.3-1) ...
Selecting previously unselected package python3-nftables.
Preparing to unpack .../07-python3-nftables_1.0.6-2+deb12u1_amd64.deb ...
Unpacking python3-nftables (1.0.6-2+deb12u1) ...
Selecting previously unselected package python3-firewall.
Preparing to unpack .../08-python3-firewall_1.3.0-1_all.deb ...
Unpacking python3-firewall (1.3.0-1) ...
Selecting previously unselected package firewalld.
Preparing to unpack .../09-firewalld_1.3.0-1_all.deb ...
Unpacking firewalld (1.3.0-1) ...
Selecting previously unselected package libipset13:amd64.
Preparing to unpack .../10-libipset13_7.17-1_amd64.deb ...
Unpacking libipset13:amd64 (7.17-1) ...
Selecting previously unselected package ipset.
Preparing to unpack .../11-ipset_7.17-1_amd64.deb ...
Unpacking ipset (7.17-1) ...
Selecting previously unselected package iptables.
Preparing to unpack .../12-iptables_1.8.9-2_amd64.deb ...
Unpacking iptables (1.8.9-2) ...
Selecting previously unselected package python3-cap-ng.
Preparing to unpack .../13-python3-cap-ng_0.8.3-1+b3_amd64.deb ...
Unpacking python3-cap-ng (0.8.3-1+b3) ...
Selecting previously unselected package python3-idna.
Preparing to unpack .../14-python3-idna_3.3-1_all.deb ...
Unpacking python3-idna (3.3-1) ...
Selecting previously unselected package python3-json-pointer.
Preparing to unpack .../15-python3-json-pointer_2.3-2_all.deb ...
Unpacking python3-json-pointer (2.3-2) ...
Selecting previously unselected package python3-rfc3987.
Preparing to unpack .../16-python3-rfc3987_1.3.8-2_all.deb ...
Unpacking python3-rfc3987 (1.3.8-2) ...
Selecting previously unselected package python3-uritemplate.
Preparing to unpack .../17-python3-uritemplate_4.1.1-2_all.deb ...
Unpacking python3-uritemplate (4.1.1-2) ...
Selecting previously unselected package python3-webcolors.
Preparing to unpack .../18-python3-webcolors_1.11.1-1_all.deb ...
Unpacking python3-webcolors (1.11.1-1) ...
Setting up python3-attr (22.2.0-1) ...
Setting up libnftables1:amd64 (1.0.6-2+deb12u1) ...
Setting up nftables (1.0.6-2+deb12u1) ...
Setting up python3-cap-ng (0.8.3-1+b3) ...
Setting up iptables (1.8.9-2) ...
update-alternatives: using /usr/sbin/iptables-legacy to provide /usr/sbin/iptables (iptables) in auto mode
update-alternatives: using /usr/sbin/ip6tables-legacy to provide /usr/sbin/ip6tables (ip6tables) in auto mode
update-alternatives: using /usr/sbin/iptables-nft to provide /usr/sbin/iptables (iptables) in auto mode
update-alternatives: using /usr/sbin/ip6tables-nft to provide /usr/sbin/ip6tables (ip6tables) in auto mode
update-alternatives: using /usr/sbin/arptables-nft to provide /usr/sbin/arptables (arptables) in auto mode
update-alternatives: using /usr/sbin/ebtables-nft to provide /usr/sbin/ebtables (ebtables) in auto mode
Setting up python3-uritemplate (4.1.1-2) ...
Setting up python3-firewall (1.3.0-1) ...
Setting up python3-webcolors (1.11.1-1) ...
Setting up python3-rfc3987 (1.3.8-2) ...
Setting up python3-idna (3.3-1) ...
Setting up libnm0:amd64 (1.42.4-1) ...
Setting up python3-pyrsistent:amd64 (0.18.1-1+b3) ...
Setting up libipset13:amd64 (7.17-1) ...
Setting up python3-json-pointer (2.3-2) ...
Setting up gir1.2-nm-1.0:amd64 (1.42.4-1) ...
Setting up ipset (7.17-1) ...
Setting up python3-jsonschema (4.10.3-1) ...
Setting up python3-nftables (1.0.6-2+deb12u1) ...
Setting up firewalld (1.3.0-1) ...
update-alternatives: using /usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.server.policy.choice to provide /usr/share/polkit-1/actions/org.fedoraproject.FirewallD1.policy (org.fedoraproject.FirewallD1.policy) in auto mode
Created symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service → /lib/systemd/system/firewalld.service.
Created symlink /etc/systemd/system/multi-user.target.wants/firewalld.service → /lib/systemd/system/firewalld.service.
Processing triggers for man-db (2.11.2-2) ...
Processing triggers for dbus (1.14.8-1~deb12u1) ...
Processing triggers for libc-bin (2.36-9) ...

root@hostname:~#
root@hostname:~#systemctl status firewalld
? firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/lib/systemd/system/firewalld.service; enabled; preset:>
Active: inactive (dead) since Sat 2023-07-08 02:06:48 EDT; 16s ago
Duration: 2.316s
Docs: man:firewalld(1)
Process: 77366 ExecStart=/usr/sbin/firewalld --nofork --nopid (code=exit>
Main PID: 77366 (code=exited, status=0/SUCCESS)

Jul 08 02:06:48 hostname.example.com firewalld[77366]: ERROR: '/usr/sbin/e>
line 3: CHAIN_DEL f>
line 3: CHAIN_DEL f>
line 3: CHAIN_DEL f>
Jul 08 02:06:48 hostname.example.com firewalld[77366]: ERROR: 'python-nfta>


JSON blob:
{"nftables": [{"met>
Jul 08 02:06:48 hostname.example.com firewalld[77366]: ERROR: COMMAND_FAIL>
line 3: CHAIN_DEL f>
line 3: CHAIN_DEL f>
line 3: CHAIN_DEL f>
Jul 08 02:06:48 hostname.example.com firewalld[77366]: Traceback (most rec>
File "/usr/lib/py>
self._start()
File "/usr/lib/py>
self._start_app>
File "/usr/lib/py>
transaction.exe>
File "/usr/lib/py>
raise FirewallE>
firewall.errors.Fir>

john doe

Jul 8, 2023, 3:40:07 AM
My answer is an educated guess but I have not looked at the code.
Can you manually force delete a chain?

I would also post to Firewalld mailing list as to me it looks like it is
a Firewalld issue and not a Debian one!

--
John Doe

Max Nikulin

Jul 8, 2023, 4:30:06 AM
On 08/07/2023 13:16, David Mehler wrote:
> root@hostname:~#systemctl status firewalld
> ? firewalld.service - firewalld - dynamic firewall daemon
> Loaded: loaded (/lib/systemd/system/firewalld.service; enabled; preset:>
...
> Jul 08 02:06:48 hostname.example.com firewalld[77366]: ERROR: '/usr/sbin/e>
> line 3: CHAIN_DEL f>
> line 3: CHAIN_DEL f>
> line 3: CHAIN_DEL f>

Please, use
systemctl --full --no-pager status firewalld
or
systemctl status firewalld | cat
to unveil complete error messages.

David Mehler

Jul 9, 2023, 6:20:06 PM
Hello,

I sent a posting to the firewalld list, so far nothing. I do have a
kludge/fix that does make firewalld work, though with an error. The
fix is to change the backend option from nftables to iptables in
/etc/firewalld/firewalld.conf. I then can add my rules and all is
good. I do see the below message:

#firewall-cmd --reload
Error: COMMAND_FAILED: '/usr/sbin/ebtables-restore --noflush' failed:
ebtables-restore v1.8.9 (nf_tables):
line 3: CHAIN_DEL failed (Device or resource busy): chain PREROUTING_direct
line 3: CHAIN_DEL failed (Device or resource busy): chain POSTROUTING_direct
line 3: CHAIN_DEL failed (Device or resource busy): chain OUTPUT_direct

It does work but I'd love to know why the newer nftables backend keeps
failing and what this error means.

Thank you.
Dave.
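
The backend switch described in the post above, as an added example that is not part of the original thread: a shell helper that reads and changes the `FirewallBackend` key in a firewalld.conf, keeping a backup and confirming the result. The function names and the sample file are constructed for illustration; the fallback to `nftables` when the key is absent assumes firewalld's documented default.

```shell
#!/bin/sh
# Added example (not from the thread): inspect and switch FirewallBackend.
# Function names are hypothetical; nothing here touches /etc unless asked to.

# Print the backend a config file selects. A commented-out key is ignored;
# if several uncommented keys exist the last one is reported (assumption),
# and a missing key falls back to firewalld's documented default, nftables.
get_firewall_backend() {
    conf=${1:-/etc/firewalld/firewalld.conf}
    val=$(sed -n 's/^[[:space:]]*FirewallBackend[[:space:]]*=[[:space:]]*\([A-Za-z]*\).*$/\1/p' "$conf" | tail -n 1)
    printf '%s\n' "${val:-nftables}"
}

# Set the backend in place, leaving FILE.bak as a rollback copy.
# Returns 0 only if the file now reports the requested backend.
set_firewall_backend() {
    conf=$1
    backend=$2
    case $backend in
        nftables|iptables) ;;
        *) echo "unsupported backend: $backend" >&2; return 2 ;;
    esac
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 1; }
    cp -p "$conf" "$conf.bak" || return 1
    if grep -q '^[[:space:]]*FirewallBackend[[:space:]]*=' "$conf"; then
        sed 's/^[[:space:]]*FirewallBackend[[:space:]]*=.*$/FirewallBackend='"$backend"'/' \
            "$conf.bak" > "$conf"
    else
        printf 'FirewallBackend=%s\n' "$backend" >> "$conf"
    fi
    [ "$(get_firewall_backend "$conf")" = "$backend" ]
}

# Demo on a constructed sample file, so the script runs offline and unprivileged.
sample=$(mktemp)
printf '# constructed sample\nDefaultZone=public\nFirewallBackend=nftables\n' > "$sample"
echo "before: $(get_firewall_backend "$sample")"
set_firewall_backend "$sample" iptables && echo "after:  $(get_firewall_backend "$sample")"
rm -f "$sample" "$sample.bak"
```

On a real host, restart firewalld after the change and confirm it is actually filtering with `firewall-cmd --state` and `systemctl --full --no-pager status firewalld`, since a daemon that exited at startup leaves no firewalld rules loaded.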