Firewalld add "flags owner,persist" in fedora 42

innovus · April 16, 2025, 2:14am

I have upgraded to fedora 42. Firewalld add “flags owner,persist” in nft ruleset. When I add rule with nft command, it errors:
Error: Could not process rule: Operation not permitted.
How to remove flags?

vgaetera · April 16, 2025, 2:46am

sudo busctl set-property \
    org.fedoraproject.FirewallD1 /org/fedoraproject/FirewallD1/config \
    org.fedoraproject.FirewallD1.config NftablesTableOwner s no
sudo firewall-cmd --reload

Safer options:

Use native syntax such as rich language.
Implement customization in a separate table.

innovus · April 17, 2025, 9:09am

Thanks. I change /etc/firewalld/firewalld.conf, NftablesTableOwner=no. It’s OK now.
But NftablesTableOwner=yes in fedora41, why it has no effect?

vgaetera · April 17, 2025, 10:32am

This was not supported by older nftables.

Probably not so trivial in your case.

Topic		Replies	Views
FirewallD Ask Fedora firewalld	4	170	October 23, 2024
How can I make iptables rules persistent? Ask Fedora	2	3054	May 20, 2021
Fedora 31 can't resolve dns names anymore Ask Fedora f31	19	1904	July 6, 2020
Nftables firewall accept command Ask Fedora	2	300	April 20, 2022
Nobody talking about foomuuri...many asking for fine-grained alternative to firewalld Ask Fedora firewalld , nftables , iptables	2	327	June 18, 2024

Firewalld add "flags owner,persist" in fedora 42

Related topics