Facing issue regarding the firewall

Server, Cloud, and IoT Internet of Things
#1

Hi,

We are working on Imx8 NXP board and trying to port Fedora-IOT on the same.

We are facing an issue while using Firewall.

[root@localhost ~]# systemctl status firewalld
▒● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor>
Active: failed (Result: exit-code) since Tue 2020-12-08 00:00:07 UTC; 2 we>
Docs: man:firewalld(1)
Process: 340 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS>
Main PID: 340 (code=exited, status=3)
CPU: 1.789s

Dec 08 00:00:04 localhost.localdomain systemd[1]: Starting firewalld - dynamic >
Dec 08 00:00:07 localhost.localdomain systemd[1]: Started firewalld - dynamic f>
Dec 08 00:00:07 localhost.localdomain systemd[1]: firewalld.service: Main proce>
Dec 08 00:00:07 localhost.localdomain systemd[1]: firewalld.service: Failed wit>
Dec 08 00:00:07 localhost.localdomain systemd[1]: firewalld.service: Consumed 1>

Please help to resolve.

Regards.

#2

Can you include the full log lines? The journal entries included cutoff right before the interesting bits.

#3

Dec 28 12:33:43 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon…
Dec 28 12:33:46 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Dec 28 12:33:46 localhost.localdomain audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=firewalld comm=“systemd” exe="/usr/lib/sy’
Dec 28 12:33:46 localhost.localdomain systemd[1]: firewalld.service: Main process exited, code=exited, status=3/NOTIMPLEMENTED
Dec 28 12:33:46 localhost.localdomain systemd[1]: firewalld.service: Failed with result ‘exit-code’.
Dec 28 12:33:46 localhost.localdomain audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=firewalld comm=“systemd” exe="/usr/lib/sys’
Dec 28 12:33:46 localhost.localdomain systemd[1]: firewalld.service: Consumed 1.774s CPU time.
Dec 28 12:40:36 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon…
Dec 28 12:40:39 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Dec 28 12:40:39 localhost.localdomain audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=firewalld comm=“systemd” exe="/usr/lib/sy’
Dec 28 12:40:40 localhost.localdomain systemd[1]: firewalld.service: Main process exited, code=exited, status=3/NOTIMPLEMENTED
Dec 28 12:40:40 localhost.localdomain systemd[1]: firewalld.service: Failed with result ‘exit-code’.
Dec 28 12:40:40 localhost.localdomain audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=firewalld comm=“systemd” exe="/usr/lib/sys’
Dec 28 12:40:40 localhost.localdomain systemd[1]: firewalld.service: Consumed 1.776s CPU time.
Dec 28 12:54:35 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon…
Dec 28 12:54:38 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Dec 28 12:54:38 localhost.localdomain audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=firewalld comm=“systemd” exe="/usr/lib/sy’
Dec 28 12:54:38 localhost.localdomain systemd[1]: firewalld.service: Main process exited, code=exited, status=3/NOTIMPLEMENTED
Dec 28 12:54:38 localhost.localdomain systemd[1]: firewalld.service: Failed with result ‘exit-code’.
Dec 28 12:54:38 localhost.localdomain audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=firewalld comm=“systemd” exe="/usr/lib/sys’
Dec 28 12:54:38 localhost.localdomain systemd[1]: firewalld.service: Consumed 1.787s CPU time.

#4

Not as informative as I might have hoped! :wink:

Can you describe what your setup a bit? You mention your are trying to run Fedora on a particular board, what types of configurations have you already done? If you disable firewalld, can you successfully access the network hardware?

#5

Hi,

We are working on imx8 NXP board. We are trying to port Fedora-iot rootfs on the same. We have not changed anything regarding the firewall settings.

We have used rootfs from below link.

Regards.

#6

@saurav19pandya Your kernel is missing a bunch of features. Probably including some of the bits required for firewall setup. As I mentioned elsewhere, take a look at the Fedora kernel config and how it differs from your kernel config.

#7

Hi @jcm

Please find our work’s explanation in the below link.

Regards.