This looks like the firewalld backends are broken, e.g. nftables,
ebtables.
Are you using a Debian provided kernel? Or is this a custom kernel for
the VPS?
On Sat, Jul 08, 2023 at 10:29:45AM -0400, David Mehler wrote:
Hello,
I'm trying to get firewalld going on Debian 12 a vps. I've asked on
the debian users list who refered me here with a way to get more
verbose error messages, see below. Unfortunately I'm clueless as to
what this could be. It from what I can see looks like it's trying to
delete a chain and failing which causes firewalld to fail, though I
could be wrong, python and myself are not friends.
Any help appreciated.
Thanks.
Dave.
root@hostname:~#systemctl --full --no-pager status firewalld
? firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/lib/systemd/system/firewalld.service; enabled;
preset: enabled)
Active: inactive (dead) since Sat 2023-07-08 02:06:48 EDT; 7h ago
Duration: 2.316s
Docs: man:firewalld(1)
Process: 77366 ExecStart=/usr/sbin/firewalld --nofork --nopid
(code=exited, status=0/SUCCESS)
Main PID: 77366 (code=exited, status=0/SUCCESS)
Jul 08 02:06:48
hostname.example.com firewalld[77366]: ERROR:
'/usr/sbin/ebtables-restore --noflush' failed: ebtables-restore v1.8.9
(nf_tables):
line 3:
CHAIN_DEL failed (Device or resource busy): chain PREROUTING_direct
line 3:
CHAIN_DEL failed (Device or resource busy): chain POSTROUTING_direct
line 3:
CHAIN_DEL failed (Device or resource busy): chain OUTPUT_direct
Jul 08 02:06:48
hostname.example.com firewalld[77366]: ERROR:
'python-nftables' failed: internal:0:0-0: Error: Could not process
rule: No such file or directory
JSON blob:
{"nftables":
[{"metainfo": {"json_schema_version": 1}}, {"delete":
{"table":
{"family": "inet", "name": "firewalld"}}},
{"add": {"table":
{"family": "inet", "name": "firewalld"}}}]}
Jul 08 02:06:48
hostname.example.com firewalld[77366]: ERROR:
COMMAND_FAILED: '/usr/sbin/ebtables-restore --noflush' failed:
ebtables-restore v1.8.9 (nf_tables):
line 3:
CHAIN_DEL failed (Device or resource busy): chain PREROUTING_direct
line 3:
CHAIN_DEL failed (Device or resource busy): chain POSTROUTING_direct
line 3:
CHAIN_DEL failed (Device or resource busy): chain OUTPUT_direct
Jul 08 02:06:48
hostname.example.com firewalld[77366]: Traceback (most
recent call last):
File
"/usr/lib/python3/dist-packages/firewall/core/fw.py", line 633, in
start
self._start()
File
"/usr/lib/python3/dist-packages/firewall/core/fw.py", line 597, in
_start
self._start_apply_objects(reload=reload,
complete_reload=complete_reload)
File
"/usr/lib/python3/dist-packages/firewall/core/fw.py", line 495, in
_start_apply_objects
transaction.execute(True)
File
"/usr/lib/python3/dist-packages/firewall/core/fw_transaction.py", line
161, in execute
raise
FirewallError(errors.COMMAND_FAILED, errorMsg)
firewall.errors.FirewallError: COMMAND_FAILED:
'/usr/sbin/ebtables-restore --noflush' failed: ebtables-restore v1.8.9
(nf_tables):
line 3:
CHAIN_DEL failed (Device or resource busy): chain PREROUTING_direct
line 3:
CHAIN_DEL failed (Device or resource busy): chain POSTROUTING_direct
line 3:
CHAIN_DEL failed (Device or resource busy): chain OUTPUT_direct
During
handling of the above exception, another exception occurred:
Traceback
(most recent call last):
File
"/usr/lib/python3/dist-packages/firewall/core/fw.py", line 638, in
start
self._start_failsafe()
File
"/usr/lib/python3/dist-packages/firewall/core/fw.py", line 629, in
_start_failsafe
self._start_apply_objects(reload=reload,
complete_reload=complete_reload)
File
"/usr/lib/python3/dist-packages/firewall/core/fw.py", line 495, in
_start_apply_objects
transaction.execute(True)
File
"/usr/lib/python3/dist-packages/firewall/core/fw_transaction.py", line
161, in execute
raise
FirewallError(errors.COMMAND_FAILED, errorMsg)
firewall.errors.FirewallError: COMMAND_FAILED: 'python-nftables'
failed: internal:0:0-0: Error: Could not process rule: No such file or
directory
JSON blob:
{"nftables":
[{"metainfo": {"json_schema_version": 1}}, {"delete":
{"table":
{"family": "inet", "name": "firewalld"}}},
{"add": {"table":
{"family": "inet", "name": "firewalld"}}}]}
Jul 08 02:06:48
hostname.example.com firewalld[77366]: ERROR:
COMMAND_FAILED: 'python-nftables' failed: internal:0:0-0: Error: Could
not process rule: No such file or directory
JSON blob:
{"nftables":
[{"metainfo": {"json_schema_version": 1}}, {"delete":
{"table":
{"family": "inet", "name": "firewalld"}}},
{"add": {"table":
{"family": "inet", "name": "firewalld"}}}]}
Jul 08 02:06:48
hostname.example.com firewalld[77366]: ERROR: Failed
to load full stock configuration. This likely indicates a system level
issue, e.g. the firewall backend (nftables, iptables) is broken. All
hope is lost. Exiting.
Jul 08 02:06:48
hostname.example.com firewalld[77366]: ERROR:
'/usr/sbin/ebtables-restore --noflush' failed: ebtables-restore v1.8.9
(nf_tables):
line 3:
CHAIN_DEL failed (Device or resource busy): chain PREROUTING_direct
line 3:
CHAIN_DEL failed (Device or resource busy): chain POSTROUTING_direct
line 3:
CHAIN_DEL failed (Device or resource busy): chain OUTPUT_direct
Jul 08 02:06:48
hostname.example.com firewalld[77366]: ERROR:
'python-nftables' failed: internal:0:0-0: Error: Could not process
rule: No such file or directory
JSON blob:
{"nftables":
[{"metainfo": {"json_schema_version": 1}}, {"delete":
{"table":
{"family": "inet", "name": "firewalld"}}}]}
Jul 08 02:06:48
hostname.example.com firewalld[77366]: ERROR: Raising
SystemExit in run_server
Jul 08 02:06:48
hostname.example.com systemd[1]: firewalld.service:
Deactivated successfully.
_______________________________________________
firewalld-users mailing list -- firewalld-users(a)lists.fedorahosted.org
To unsubscribe send an email to firewalld-users-leave(a)lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/firewalld-users@lists.fedora...
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue