Firewall

查看firewalld状态时看到警报,但警报不完整.可以试着加 -l.查看完整信息

Posted on by Administrator

查看firewalld状态时看到警报,但警报不完整.可以试着加 -l.查看完整信息

1
systemctl status firewalld.service

返回如下信息:

1
2
3
4
5
6
7
8
9
10
11
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -X DOCKER-ISOLATION-STAGE-1' failed: iptables: No...that name
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -w --table filter --delete INPUT --in-interface virbr0 --pr...t chain?)
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -F DOCKER-ISOLATION-STAGE-2' failed: iptables: No...that name
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -w --table filter --delete OUTPUT --out-interface virbr0 --...t chain?)
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -X DOCKER-ISOLATION-STAGE-2' failed: iptables: No...that name
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -w --table filter --delete INPUT --in-interface virbr0 --pr...t chain?)
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -F DOCKER-ISOLATION' failed: iptables: No chain/t...that name
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -w --table filter --delete INPUT --in-interface virbr0 --pr...t chain?)
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -X DOCKER-ISOLATION' failed: iptables: No chain/t...that name
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables:...t chain?)
Hint: Some lines were ellipsized, use -l to show in full.

可以试着输入如下代码

1
systemctl status firewalld.service -l

会弹出如下详细报警信息.

1
2
3
4
5
6
7
8
9
10
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -X DOCKER-ISOLATION-STAGE-1' failed: iptables: No chain/target/match by that name.
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -w --table filter --delete INPUT --in-interface virbr0 --protocol tcp --destination-port 53 --jump ACCEPT' failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -F DOCKER-ISOLATION-STAGE-2' failed: iptables: No chain/target/match by that name.
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -w --table filter --delete OUTPUT --out-interface virbr0 --protocol udp --destination-port 68 --jump ACCEPT' failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -X DOCKER-ISOLATION-STAGE-2' failed: iptables: No chain/target/match by that name.
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -w --table filter --delete INPUT --in-interface virbr0 --protocol udp --destination-port 67 --jump ACCEPT' failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -F DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name.
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -w --table filter --delete INPUT --in-interface virbr0 --protocol tcp --destination-port 67 --jump ACCEPT' failed: iptables: Bad rule (does a matching rule exist in that chain?).
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -t filter -X DOCKER-ISOLATION' failed: iptables: No chain/target/match by that name.
May 15 21:35:10 iZj6chcc2jvdlwsb68u7dzZ firewalld[639]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w10 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Bad rule (does a matching rule exist in that chain?).
Administrator

Leave a Reply

Your email address will not be published. Required fields are marked *