Hide Forgot
After updgrading form RHEL7.6 to 7.7 firewalld 0.6.3 starts with errors and with no predefined rules present when ipv6 is disabled in kernel (ipv6.disable=1) # systemctl status firewalld ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled) Active: active (running) since Thu 2019-08-08 13:39:03 CEST; 1h 19min ago Docs: man:firewalld(1) Main PID: 1429 (firewalld) CGroup: /system.slice/firewalld.service └─1429 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid Aug 08 13:39:01 systemd[1]: Starting firewalld - dynamic firewall daemon... Aug 08 13:39:03 systemd[1]: Started firewalld - dynamic firewall daemon. Aug 08 13:39:04 firewalld[1429]: WARNING: ip6tables not usable, disabling IPv6 firewall. Aug 08 13:39:04 firewalld[1429]: ERROR: UNKNOWN_ERROR: 'ip6tables' backend does not exist Aug 08 13:39:04 firewalld[1429]: ERROR: COMMAND_FAILED: UNKNOWN_ERROR: 'ip6tables' backend does not exist Aug 08 13:39:04 firewalld[1429]: ERROR: '/usr/sbin/iptables-restore -w -n' failed: iptables-restore v1.4.21: goto 'FWDI_public' is not a chain Error occurred at line: 2... Aug 08 13:39:04 firewalld[1429]: ERROR: COMMAND_FAILED: '/usr/sbin/iptables-restore -w -n' failed: iptables-restore v1.4.21: goto 'FWDI_public' is not a chain # firewall-cmd --state failed # iptables -nvL Chain INPUT (policy ACCEPT 1031 packets, 455K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 853 packets, 294K bytes) pkts bytes target prot opt in out source destination # cat /etc/default/grub GRUB_TIMEOUT=5 GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)" GRUB_DEFAULT=saved GRUB_DISABLE_SUBMENU=true GRUB_TERMINAL_OUTPUT="console" GRUB_CMDLINE_LINUX="crashkernel=auto rd.lvm.lv=sys/root rd.lvm.lv=sys/swap ipv6.disable=1 rhgb quiet transparent_hugepage=never" GRUB_DISABLE_RECOVERY="true"
kernel 3.10.0-1062.el7.x86_64
*** This bug has been marked as a duplicate of bug 1738785 ***