jyoung wrote:What do these produce?
Thanks for those detailed instructions. I ran them under my current working state and have pasted those results below. Next I rebooted and ran the commands again so I could show you what it looks like when my system is in a borked state (for example I know commands like 'firewall-cmd --get-default-zone' fail). Well, after being able to reliably reproduce this problem for several weeks I can no longer reproduce it. I.e. after rebooting my PC my firewall now starts normally.
So I'm happy that the problem appears to be gone, but I'm also disappointed I don't know what caused or fixed it. I just hope it doesn't rear its ugly head again someday when I'm away and need remote SSH access to my PC.
In case you can spot anything amiss from your commands' output I've pasted it below. The only error is from the boot up last night. My active NIC is "enp3s0".
Code: Select all
echo -e "My default zone is $( firewall-cmd --get-default-zone )\n\nMy firewall is configured as follows:\n$( for ZONE in $( firewall-cmd --get-active-zones | egrep "^[A-Z]|^[a-z]" ); do firewall-cmd --zone=$ZONE --list-all; done )"
My default zone is public
My firewall is configured as follows:
public (default, active)
interfaces: enp3s0
sources:
services: dhcpv6-client ssh
ports:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
nmcli con show | gawk '{print $1}' | grep -v NAME | while read CONN; do echo $CONN; nmcli con show $CONN | grep -i zone; echo; done
enp4s0
connection.zone: --
enp3s0
connection.zone: --
GENERAL.ZONE: --
journalctl -xln1000 --unit=firewalld
-- Logs begin at Fri 2015-03-27 18:45:32 CDT, end at Sat 2015-03-28 14:33:48 CDT
Mar 27 23:45:34 black systemd[1]: Starting firewalld - dynamic firewall daemon..
-- Subject: Unit firewalld.service has begun with start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit firewalld.service has begun starting up.
Mar 27 23:45:35 black systemd[1]: Started firewalld - dynamic firewall daemon.
-- Subject: Unit firewalld.service has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit firewalld.service has finished starting up.
--
-- The start-up result is done.
Mar 27 23:45:37 black firewalld[788]: 2015-03-27 23:45:37 ERROR: INVALID_ZONE
Mar 27 23:48:18 black systemd[1]: Stopping firewalld - dynamic firewall daemon..
-- Subject: Unit firewalld.service has begun shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit firewalld.service has begun shutting down.
Mar 27 23:48:20 black systemd[1]: Starting firewalld - dynamic firewall daemon..
-- Subject: Unit firewalld.service has begun with start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit firewalld.service has begun starting up.
Mar 27 23:48:20 black systemd[1]: Started firewalld - dynamic firewall daemon.
-- Subject: Unit firewalld.service has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit firewalld.service has finished starting up.
--
-- The start-up result is done.