Deja vu:
https://lists.redsleeve.org/pipermail/users/2016-January/thread.html
On 2016-01-12 15:49, Neil Townsend wrote:
Hi all,
This time lucky?
I recently installed RedSleeve 7.0 on a Raspberry Pi B (neither
plus nor 2).
It all seems to work fine, apart from one odd quirk: firewalld
runs, but seems to have issues in that it has zone problems; and
firewall-cmd thinks it isn't running. Here's a sequence of commands
showing that the system is up to date, and what happens when you try
and use firewalld:
[root@freepbx ~]# yum update
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
No packages marked for update
[root@freepbx ~]# firewall-cmd --state
not running
[root@freepbx ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service;
disabled)
Active: inactive (dead)
[root@freepbx ~]# systemctl enable firewalld
ln -s '/usr/lib/systemd/system/firewalld.service'
'/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
ln -s '/usr/lib/systemd/system/firewalld.service'
'/etc/systemd/system/basic.target.wants/firewalld.service'
[root@freepbx ~]# firewall-cmd --state
not running
[root@freepbx ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: inactive (dead)
[root@freepbx ~]# systemctl start firewalld
[root@freepbx ~]# firewall-cmd --state
not running
[root@freepbx ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
Active: active (running) since Sun 2016-01-03 14:42:24 UTC; 29s ago
Main PID: 1768 (firewalld)
CGroup: /system.slice/firewalld.service
ΓΆΓΆ1768 /usr/bin/python -Es /usr/sbin/firewalld --nofork
--nopid
Jan 03 14:42:24 freepbx systemd[1]: Started firewalld - dynamic
firewall daemon.
Jan 03 14:42:30 freepbx firewalld[1768]: 2016-01-03 14:42:30 ERROR:
INVALID_ZONE
[root@freepbx ~]# systemctl stop firewalld
[root@freepbx ~]# systemctl disable firewalld
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
rm '/etc/systemd/system/basic.target.wants/firewalld.service'
In that funny state when it is running (according to systemctl) but
not (according to firewall-cmd), tow things of note:
1. It does seem to be active in that access to the pi is blocked.
2. It claims to have no zones.
The only thing I can see of note is the 'INVALID_ZONE' error in the
above text.
I note that this seems similar to an error reported for firewalld
here (in 0.3.9
http://serverfault.com/questions/673764/firewalld-service-is-running-but-firewall-cmd-doesnt-work
[1]) and also here (in 0.3.5:
https://bugzilla.redhat.com/show_bug.cgi?id=967376 [2]); Redsleeve 7
(and 7.1 and 7.2) seem to run version 0.3.9 from what I can see.
I have discovered that it is possible to work around this by
disabling ipv6 in firewalld.conf. but obviously that isn't a good
long term plan!
Any ideas?
Thanks,
Neil
Links:
------
[1]
http://mandrillapp.com/track/click/30309418/serverfault.com?p=eyJzIjoiZTlIdWFfeWZxMTZoVGEyWTh3M0hGLVVPd0hFIiwidiI6MSwicCI6IntcInVcIjozMDMwOTQxOCxcInZcIjoxLFwidXJsXCI6XCJodHRwOlxcXC9cXFwvc2VydmVyZmF1bHQuY29tXFxcL3F1ZXN0aW9uc1xcXC82NzM3NjRcXFwvZmlyZXdhbGxkLXNlcnZpY2UtaXMtcnVubmluZy1idXQtZmlyZXdhbGwtY21kLWRvZXNudC13b3JrXCIsXCJpZFwiOlwiZGU4YjA5NzJkN2I0NDNmMDg2NTk3NGMwZmMyY2VkNTdcIixcInVybF9pZHNcIjpbXCI0NGQzMzlhZDNjYWYxNWZmNmRjYmIzOGY4Y2RmNzQ0ODZkYTBlYmZiXCJdfSJ9
[2]
http://mandrillapp.com/track/click/30309418/bugzilla.redhat.com?p=eyJzIjoiaWNvVGNRWW50blF5eHo4cm4zZDVwZ3dhMTdRIiwidiI6MSwicCI6IntcInVcIjozMDMwOTQxOCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2J1Z3ppbGxhLnJlZGhhdC5jb21cXFwvc2hvd19idWcuY2dpP2lkPTk2NzM3NlwiLFwiaWRcIjpcImRlOGIwOTcyZDdiNDQzZjA4NjU5NzRjMGZjMmNlZDU3XCIsXCJ1cmxfaWRzXCI6W1wiMDM1MWQwMzdhZjA5MDIzZjIzN2JkZTcwY2M3OGUxZjJjZjdlMWJiNFwiXX0ifQ
_______________________________________________
users mailing list
[email protected]
https://lists.redsleeve.org/mailman/listinfo/users
_______________________________________________
users mailing list
[email protected]
https://lists.redsleeve.org/mailman/listinfo/users
