我有一台 CentOS 伺服器,最近運行了 yum-update,唯一的更新是 centos-release。我應用了更新,自從 FirewallD 一直拋出錯誤。
我卸載並重新安裝了該軟體包,認為我可能剛剛破壞了配置,但現在每當我嘗試使用服務命令啟動 FirewallD 時,我都會被告知服務失敗並給出以下輸出
Dec 17 15:54:57 DMZ01 systemd[1]: Starting firewalld - dynamic firewall daemon...
-- Subject: Unit firewalld.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit firewalld.service has begun starting up.
Dec 17 15:54:57 DMZ01 systemd[1]: firewalld.service: main process exited, code=exited, status=1/FAILURE
Dec 17 15:54:57 DMZ01 systemd[1]: Failed to start firewalld - dynamic firewall daemon.
-- Subject: Unit firewalld.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit firewalld.service has failed.
--
-- The result is failed.
Dec 17 15:54:57 DMZ01 systemd[1]: Unit firewalld.service entered failed state.
Dec 17 15:54:57 DMZ01 systemd[1]: firewalld.service failed.
執行任何firewall-cmd指令只會告訴我 Firewalld 沒有運作。
結果cat /etc/centor-release是:CentOS Linux release 7.9.2009 (Core)
使用參數運行firewalld命令--debug會立即終止與伺服器的連線並鎖定所有傳入連線。我必須手動重新啟動伺服器才能重新進入。
調試命令的輸出轉儲到/var/log/firewalld並可以在此處查看:
https://pastebin.com/N81tWkhj
輸出/etc/firewalld/zones/public.xml
<?xml version="1.0" encoding="utf-8"?>
<zone target="default">
<short>Public</short>
<description>For use in public areas. You do not trust the other computers on networks to not harm your computer. Only selected incoming connections are accepted.</description>
<port protocol="tcp" port="21"/>
<port protocol="tcp" port="60000-65335"/>
</zone>