On Dec 14, 2018, at 3:57 PM, Jon LaBadie <jcu at labadie.us> wrote: > > : Bad rule (does a matching rule exist in that chain?). That makes sense: the old iptables service installed several default chains, and firewalld does as well, but they’re not named the same, and I doubt there’s a 1:1 mapping between them. That’s part of why I advised you to use one or the other, not both. Another reason is that their persistent rule stores use entirely different file formats, in different locations.