Symptoms
-
In an attempt to check the
firewalldservice status, it reports the following error:# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled;
...
example.com firewalld[20760]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete FORWARD --source 192.0.2.2/24 --in-interface virbr0 --jump ACCEPT' failed: -
The Plesk Firewall is marked as installed in Tools & Settings > Updates & Upgrades (Updates) > Add Remove Components > Plesk extensions:
Cause
It is not possible to use firewalldservice and Plesk Firewall simultaneously.
Resolution
Warning: The following steps may lead to the impossibility to reach the server due to a network misconfiguration. Make sure that the server console can be accessed even if the server doesn't have network connection to continue with the solution described below.
Disable the firewalld service from the system:
-
Connect to the server via SSH
-
Disable the
firewalldservice by running the following commands:# systemctl stop firewalld
# systemctl disable firewalld
-
Restart Plesk Firewall to reapply the rules:
# systemctl restart psa-firewall
with