标签:def source use ack -o http block chain icmp
[root@localhost bin]# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since 三 2020-01-29 03:28:08 PST; 20min ago
Docs: man:firewalld(1)
Main PID: 507 (firewalld)
CGroup: /system.slice/firewalld.service
└─507 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid
1月 29 03:28:09 localhost.localdomain firewalld[507]: WARNING: COMMAND_FAILED: ‘/usr/sbin/iptables -w10 -w --table filter --delete FORWARD --destination 192.168.122.0/24 --out-interface virbr0 --match conntrack --ctstate ...in that chain?).
1月 29 03:28:09 localhost.localdomain firewalld[507]: WARNING: COMMAND_FAILED: ‘/usr/sbin/iptables -w10 -w --table filter --delete FORWARD --source 192.168.122.0/24 --in-interface virbr0 --jump ACCEPT‘ failed: iptables: B...in that chain?).
1月 29 03:28:09 localhost.localdomain firewalld[507]: WARNING: COMMAND_FAILED: ‘/usr/sbin/iptables -w10 -w --table filter --delete FORWARD --in-interface virbr0 --out-interface virbr0 --jump ACCEPT‘ failed: iptables: Bad ...in that chain?).
1月 29 03:28:09 localhost.localdomain firewalld[507]: WARNING: COMMAND_FAILED: ‘/usr/sbin/iptables -w10 -w --table filter --delete FORWARD --out-interface virbr0 --jump REJECT‘ failed: iptables: No chain/target/match by that name.
1月 29 03:28:09 localhost.localdomain firewalld[507]: WARNING: COMMAND_FAILED: ‘/usr/sbin/iptables -w10 -w --table filter --delete FORWARD --in-interface virbr0 --jump REJECT‘ failed: iptables: No chain/target/match by that name.
1月 29 03:28:09 localhost.localdomain firewalld[507]: WARNING: COMMAND_FAILED: ‘/usr/sbin/iptables -w10 -w --table filter --delete INPUT --in-interface virbr0 --protocol udp --destination-port 53 --jump ACCEPT‘ failed: ip...in that chain?).
1月 29 03:28:09 localhost.localdomain firewalld[507]: WARNING: COMMAND_FAILED: ‘/usr/sbin/iptables -w10 -w --table filter --delete INPUT --in-interface virbr0 --protocol tcp --destination-port 53 --jump ACCEPT‘ failed: ip...in that chain?).
1月 29 03:28:09 localhost.localdomain firewalld[507]: WARNING: COMMAND_FAILED: ‘/usr/sbin/iptables -w10 -w --table filter --delete OUTPUT --out-interface virbr0 --protocol udp --destination-port 68 --jump ACCEPT‘ failed: ...in that chain?).
1月 29 03:28:09 localhost.localdomain firewalld[507]: WARNING: COMMAND_FAILED: ‘/usr/sbin/iptables -w10 -w --table filter --delete INPUT --in-interface virbr0 --protocol udp --destination-port 67 --jump ACCEPT‘ failed: ip...in that chain?).
1月 29 03:28:09 localhost.localdomain firewalld[507]: WARNING: COMMAND_FAILED: ‘/usr/sbin/iptables -w10 -w --table filter --delete INPUT --in-interface virbr0 --protocol tcp --destination-port 67 --jump ACCEPT‘ failed: ip...in that chain?).
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost bin]# sudo firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eno16777736
sources:
services: dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@localhost bin]# sudo firewall-cmd --add-service=http --permanent
success
[root@localhost bin]# sudo firewall-cmd --add-port=80/tcp --permanent
success
[root@localhost bin]# sudo firewall-cmd --reload
success
[root@localhost bin]# sudo firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eno16777736
sources:
services: dhcpv6-client http ssh
ports: 80/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@localhost bin]#
标签:def source use ack -o http block chain icmp
原文地址:https://www.cnblogs.com/michaelcnblogs/p/12241109.html