On Sat, Jul 20, 2019 at 02:34:55AM +0000, Hans Malissa wrote:
Hi list,
I've compiled and installed firewalld-0.7.0 on my Linux system (linux-4.20.12), with
no obvious errors during the build. When I start firewalld with
# systemctl start firewalld
I get
# systemctl status firewalld
ERROR: '/sbin/nft add chain ip6 firewalld nat_PREROUTING { type nat hook prerouting
priority -90 ; }' failed: Error: Could not process rule: No such file or directory
When I inspect the nft tables afterwards, I get
# nft list tables
table inet firewalld
table ip firewalld
table ip6 firewalld
# nft list table inet firewalld
table inet firewalld {
	chain raw_PREROUTING {
		type filter hook prerouting priority raw + 10; policy accept;
	}
	chain mangle_PREROUTING {
		type filter hook prerouting priority mangle + 10; policy accept;
	}
}
# nft list table ip firewalld
table ip firewalld {
	chain nat_PREROUTING {
		type nat hook prerouting priority dstnat + 10; policy accept;
	}
	chain nat_POSTROUTING {
		type nat hook postrouting priority srcnat + 10; policy accept;
	}
}
# nft list table ip6 firewalld
table ip6 firewalld {
}
What is the problem here? nft seems to be working to some degree, but for some reason the
ip6 table is not created.
Thanks a lot,

It likely means your kernel does not support IPv6, or IPv6 for
netfilter/nftables is not enabled.
Maybe try a new kernel. Are you building your own?
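
One way to test the reply's suggestion on a self-built kernel, as an added example that is not part of the original thread: list which options needed for an ip6 nat chain are absent from the kernel's .config. The option names are assumed to be those of 4.x kernel trees such as the 4.20 mentioned above, the function names are hypothetical, and the sample config is constructed.

```sh
#!/bin/sh
# Added example, not from the thread. Option names are assumed from 4.x
# kernel trees (e.g. 4.20); other kernel series may name them differently.
REQUIRED_OPTS="CONFIG_IPV6 CONFIG_NF_TABLES CONFIG_NF_TABLES_IPV6 \
CONFIG_NF_NAT_IPV6 CONFIG_NFT_NAT CONFIG_NFT_CHAIN_NAT_IPV6"

# missing_opts: read a kernel .config on stdin and print every required
# option that is neither built in (=y) nor built as a module (=m).
missing_opts() {
    cfg=$(cat)
    for opt in $REQUIRED_OPTS; do
        if ! printf '%s\n' "$cfg" | grep -Eq "^${opt}=[ym]\$"; then
            printf '%s\n' "$opt"
        fi
    done
}

# Constructed sample: IPv6 and the ip6 nftables family are enabled, so the
# "ip6 firewalld" table can be created, but IPv6 NAT is not, so adding a
# "type nat" chain to that table would fail.
sample_config() {
    cat <<'EOF'
CONFIG_IPV6=y
CONFIG_NF_TABLES=m
CONFIG_NF_TABLES_IPV4=y
CONFIG_NF_TABLES_IPV6=y
CONFIG_NF_NAT=m
CONFIG_NF_NAT_IPV4=m
# CONFIG_NF_NAT_IPV6 is not set
CONFIG_NFT_NAT=m
CONFIG_NFT_CHAIN_NAT_IPV4=m
EOF
}

# Usage: sh check.sh /path/to/.config
# Without a readable file argument the constructed sample is checked.
if [ $# -gt 0 ] && [ -r "$1" ]; then
    missing_opts < "$1"
else
    sample_config | missing_opts
fi
```

If the running kernel exposes its configuration, `zcat /proc/config.gz | missing_opts` checks it directly; an empty result means none of the listed options is missing.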