Facing issue regarding the firewall

Hi,

We are working on Imx8 NXP board and trying to port Fedora-IOT on the same.

We are facing an issue while using Firewall.

[root@localhost ~]# systemctl status firewalld
▒● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor>
Active: failed (Result: exit-code) since Tue 2020-12-08 00:00:07 UTC; 2 we>
Docs: man:firewalld(1)
Process: 340 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS>
Main PID: 340 (code=exited, status=3)
CPU: 1.789s

Dec 08 00:00:04 localhost.localdomain systemd[1]: Starting firewalld - dynamic >
Dec 08 00:00:07 localhost.localdomain systemd[1]: Started firewalld - dynamic f>
Dec 08 00:00:07 localhost.localdomain systemd[1]: firewalld.service: Main proce>
Dec 08 00:00:07 localhost.localdomain systemd[1]: firewalld.service: Failed wit>
Dec 08 00:00:07 localhost.localdomain systemd[1]: firewalld.service: Consumed 1>

Please help to resolve.

Regards.

Can you include the full log lines? The journal entries included cutoff right before the interesting bits.

Dec 28 12:33:43 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon…
Dec 28 12:33:46 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Dec 28 12:33:46 localhost.localdomain audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=firewalld comm=“systemd” exe="/usr/lib/sy’
Dec 28 12:33:46 localhost.localdomain systemd[1]: firewalld.service: Main process exited, code=exited, status=3/NOTIMPLEMENTED
Dec 28 12:33:46 localhost.localdomain systemd[1]: firewalld.service: Failed with result ‘exit-code’.
Dec 28 12:33:46 localhost.localdomain audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=firewalld comm=“systemd” exe="/usr/lib/sys’
Dec 28 12:33:46 localhost.localdomain systemd[1]: firewalld.service: Consumed 1.774s CPU time.
Dec 28 12:40:36 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon…
Dec 28 12:40:39 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Dec 28 12:40:39 localhost.localdomain audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=firewalld comm=“systemd” exe="/usr/lib/sy’
Dec 28 12:40:40 localhost.localdomain systemd[1]: firewalld.service: Main process exited, code=exited, status=3/NOTIMPLEMENTED
Dec 28 12:40:40 localhost.localdomain systemd[1]: firewalld.service: Failed with result ‘exit-code’.
Dec 28 12:40:40 localhost.localdomain audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=firewalld comm=“systemd” exe="/usr/lib/sys’
Dec 28 12:40:40 localhost.localdomain systemd[1]: firewalld.service: Consumed 1.776s CPU time.
Dec 28 12:54:35 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon…
Dec 28 12:54:38 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
Dec 28 12:54:38 localhost.localdomain audit[1]: SERVICE_START pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=firewalld comm=“systemd” exe="/usr/lib/sy’
Dec 28 12:54:38 localhost.localdomain systemd[1]: firewalld.service: Main process exited, code=exited, status=3/NOTIMPLEMENTED
Dec 28 12:54:38 localhost.localdomain systemd[1]: firewalld.service: Failed with result ‘exit-code’.
Dec 28 12:54:38 localhost.localdomain audit[1]: SERVICE_STOP pid=1 uid=0 auid=4294967295 ses=4294967295 msg=‘unit=firewalld comm=“systemd” exe="/usr/lib/sys’
Dec 28 12:54:38 localhost.localdomain systemd[1]: firewalld.service: Consumed 1.787s CPU time.

Not as informative as I might have hoped!

Can you describe what your setup a bit? You mention your are trying to run Fedora on a particular board, what types of configurations have you already done? If you disable firewalld, can you successfully access the network hardware?

Hi,

We are working on imx8 NXP board. We are trying to port Fedora-iot rootfs on the same. We have not changed anything regarding the firewall settings.

We have used rootfs from below link.

Regards.

@saurav19pandya Your kernel is missing a bunch of features. Probably including some of the bits required for firewall setup. As I mentioned elsewhere, take a look at the Fedora kernel config and how it differs from your kernel config.

Hi @jcm

Please find our work’s explanation in the below link.

Regards.