I'm having a few issues with firewalld on a CentOS 7 install, in
particular when using systemctl to start/check the status of the
daemon:
Checking the firewalld daemon status
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: failed (Result: timeout) since Tue 2014-09-09 07:57:06 EDT; 2min 41s ago
Main PID: 20212
Sep 09 07:55:35 centos.template.30kft systemd[1]: Starting firewalld - dynamic firewall daemon...
Sep 09 07:57:05 centos.template.30kft systemd[1]: firewalld.service operation timed out. Terminating.
Sep 09 07:57:06 centos.template.30kft systemd[1]: Failed to start firewalld - dynamic firewall daemon.
Sep 09 07:57:06 centos.template.30kft systemd[1]: Unit firewalld.service entered failed state.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
journalctl information from the last attempt to start it:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sep 09 07:55:35 centos.template.30kft systemd[1]: Starting firewalld - dynamic firewall daemon...
-- Subject: Unit firewalld.service has begun with start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit firewalld.service has begun starting up.
Sep 09 07:55:35 centos.template.30kft kernel: ip_tables: (C) 2000-2006 Netfilter Core Team
Sep 09 07:55:35 centos.template.30kft kernel: nf_conntrack version 0.5.0 (3921 buckets, 15684 max)
Sep 09 07:55:35 centos.template.30kft kernel: ip6_tables: (C) 2000-2006 Netfilter Core Team
Sep 09 07:55:35 centos.template.30kft kernel: Ebtables v2.0 registered
Sep 09 07:57:05 centos.template.30kft systemd[1]: firewalld.service operation timed out. Terminating.
Sep 09 07:57:06 centos.template.30kft kernel: Ebtables v2.0 unregistered
Sep 09 07:57:06 centos.template.30kft systemd[1]: Failed to start firewalld - dynamic firewall daemon.
-- Subject: Unit firewalld.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit firewalld.service has failed.
--
-- The result is failed.
Sep 09 07:57:06 centos.template.30kft systemd[1]: Unit firewalld.service entered failed state.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
When I run firewall-cmd --state it tells me that the firewall is running:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# firewall-cmd --state
running
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
And according to an nmap scan that seems to be correct:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$ nmap -p1-65535 xxx.xxx.xxx.xxx
Starting Nmap 6.00 ( http://nmap.org ) at 2014-09-09 13:38 UTC
Nmap scan report for xxx.xxx.xxx.xxx
Host is up (0.0012s latency).
Not shown: 65534 closed ports
PORT STATE SERVICE
22/tcp open ssh
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
But I'm not sure whether not having systemctl control of it is an issue or not.
Version information:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# cat /etc/redhat-release
CentOS Linux release 7.0.1406 (Core)
# firewall-cmd --version
0.3.9
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I've found a similar question on Red Hat's solutions knowledge base
(https://access.redhat.com/solutions/1122173) but as I'm on my own and
learning how to work with CentOS I don't have a Red Hat support
subscription and thus can't see the solution. As such I'd appreciate
anyone with any ideas, or even a nod in the right direction. (I'm using
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/htm...
as my reference for commands)
If you need any more information then let me know.
Thanks,
Aled
--
Aled Parry
aled.skyrail@gmail.com