
Failed to start IPv4 firewall with iptables

asked 2016-02-04 14:43:10 -0500

I have updated the Fedora Core 16 kernel from 3.4.2 to 4.4.0. Once the system is rebooted with the new kernel 4.4.0, iptables is loaded but not started.

// logs

    Failed to start IPv4 firewall with iptables [FAILED]
    See 'systemctl status iptables.service' for details.
    Started IPv6 firewall with ip6tables [ OK ]

    [root@localhost grub2]# systemctl status iptables.service
    iptables.service - IPv4 firewall with iptables
        Loaded: loaded (/lib/systemd/system/iptables.service; enabled)
        Active: failed since Wed, 27 Jan 2016 09:20:39 -0500; 5h 7min ago
        Process: 936 ExecStart=/usr/libexec/iptables.init start (code=exited, status=1/FAILURE)
        CGroup: name=systemd:/system/iptables.service

After starting the service manually, iptables started as follows:

    systemctl start iptables.service
    systemctl status iptables.service
    iptables.service - IPv4 firewall with iptables
        Loaded: loaded (/lib/systemd/system/iptables.service; enabled)
        Active: active (exited) since Fri, 01 Jan 2010 14:52:20 -0500; 1s ago
        Process: 18474 ExecStart=/usr/libexec/iptables.init start (code=exited, status=0/SUCCESS)
        CGroup: name=systemd:/system/iptables.service

Here are the rules:

    more /etc/sysconfig/iptables
    # Firewall configuration written by system-config-firewall
    # Manual customization of this file is not recommended.
    *filter
    :INPUT ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    -A INPUT -p icmp -j ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
    -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
    COMMIT

I rebuilt the kernel and tested with all of the Netfilter options on, but the issue remains the same.

Please confirm that iptables v1.4.12 is compatible with the latest kernel 4.4.0 as well.

Note, the ip6_tables loaded and started without any issue.

Any help is appreciated.

Thanks, Guna


Comments

You mean you are running Fedora 16, which has been EOL for a looooong time, and you updated it from kernel 3.4 to 4.4? Courageous!

Have you considered installing something more recent like Fedora 23?

iptables v1.4.12 is compatible with latest Kernel 4.4.0.

hannsandersson ( 2016-02-04 22:13:15 -0500 )

1 Answer


answered 2016-02-08 16:56:28 -0500

I plan to move from Fedora 16, but not now. At this time, I decided to update the kernel only. If I start iptables just after ip6tables (via systemd), then it starts after boot without any issue. I could not find the reason behind it. Prior to upgrading the kernel to 4.4.0, the IPv4 iptables started before the IPv6 ip6tables and worked fine.

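A failed `iptables.service` at boot can leave the IPv4 filter table without the saved rules while `ip6tables` still reports OK, so a post-boot check is worth having. The following is an added example, not part of the original thread: it compares the rule count in a saved rules file with an `iptables-save` style dump of the live table. The function names and the "unloaded" dump are constructed for illustration.

```shell
#!/bin/sh
# Added example: check that the saved IPv4 ruleset is actually live after boot.

# Count rule lines (-A / -I) inside the *filter table of an
# iptables-save style dump; policy lines (":INPUT ACCEPT [0:0]") and
# comments are not counted.
filter_rule_count() {
    awk '
        /^\*/                  { in_filter = ($1 == "*filter") }
        /^COMMIT/              { in_filter = 0 }
        in_filter && /^-[AI] / { n++ }
        END                    { print n + 0 }
    ' "$1"
}

# Return 0 when the live dump holds at least as many filter rules as the
# saved file, 1 otherwise (including a saved file with no rules at all).
ipv4_firewall_loaded() {
    want=$(filter_rule_count "$1")
    have=$(filter_rule_count "$2")
    [ "$want" -gt 0 ] && [ "$have" -ge "$want" ]
}

# Constructed sample data: the saved rules are the ones posted in the
# question; the "live" dump is a filter table with no rules loaded.
write_samples() {
    cat > "$1/saved" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
COMMIT
EOF
    printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' ':FORWARD ACCEPT [0:0]' \
        ':OUTPUT ACCEPT [0:0]' 'COMMIT' > "$1/live_unloaded"
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
if ipv4_firewall_loaded "$demo_dir/saved" "$demo_dir/live_unloaded"; then
    echo "IPv4 filter rules are loaded"
else
    echo "IPv4 filter rules are NOT loaded"
fi
rm -rf "$demo_dir"
```

On a real host, the second argument would be a file produced by `iptables-save` and the first would be `/etc/sysconfig/iptables`.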


Stats

Asked: 2016-02-04 14:43:10 -0500

Seen: 1,146 times

Last updated: Feb 04 '16