Bug 540110 - net-firewall/firewalld: Add a check for required kernel options
Summary: net-firewall/firewalld: Add a check for required kernel options
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: Normal normal
Assignee: Virtualization Team
Keywords: PullRequest
Reported: 2015-02-15 05:19 UTC by dE
Modified: 2018-10-18 05:20 UTC
Description dE 2015-02-15 05:19:28 UTC
Otherwise firewalld fails to run.

Required -- 

NF_CONNTRACK_IPV6 NETFILTER_XT_MATCH_CONNTRACK

Reproducible: Always
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2015-02-15 08:42:17 UTC
1) Please post your `emerge --info net-firewall/firewalld' output in a comment.
2) Please post the entire command and its output, showing how it fails.
Comment 2 dE 2015-09-17 09:26:13 UTC
Portage 2.2.20 (python 2.7.9-final-0, default/linux/amd64/13.0/desktop/kde, gcc-4.9.3, glibc-2.20-r2, 3.17.1-gentoo x86_64)
=================================================================
                         System Settings
=================================================================
System uname: Linux-3.17.1-gentoo-x86_64-Intel-R-_Core-TM-_i3-2120_CPU_@_3.30GHz-with-gentoo-2.2
KiB Mem:     8117864 total,   6377060 free
KiB Swap:   18874364 total,  18874364 free
Timestamp of repository gentoo: Sat, 12 Sep 2015 03:30:01 +0000
sh bash 4.3_p39
ld GNU ld (Gentoo 2.24 p1.4) 2.24
ccache version 3.1.9 [enabled]
app-shells/bash:          4.3_p39::gentoo
dev-java/java-config:     2.2.0::gentoo
dev-lang/perl:            5.20.2::gentoo
dev-lang/python:          2.7.9-r1::gentoo, 3.4.1::gentoo
dev-util/ccache:          3.1.9-r4::gentoo
dev-util/pkgconfig:       0.28-r2::gentoo
sys-apps/baselayout:      2.2::gentoo
sys-apps/openrc:          0.17::gentoo
sys-apps/sandbox:         2.6-r1::gentoo
sys-devel/autoconf:       2.69::gentoo
sys-devel/automake:       1.15::gentoo
sys-devel/binutils:       2.24-r3::gentoo
sys-devel/gcc:            4.9.3::gentoo
sys-devel/gcc-config:     1.7.3::gentoo
sys-devel/libtool:        2.4.6::gentoo
sys-devel/make:           4.1-r1::gentoo
sys-kernel/linux-headers: 3.17-r1::gentoo (virtual/os-headers)
sys-libs/glibc:           2.20-r2::gentoo
Repositories:

gentoo
    location: /usr/portage
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000

my-tree
    location: /home/de/dev-tree
    masters: gentoo
    priority: 0

ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=native -O2 -fomit-frame-pointer -floop-interchange -floop-strip-mine -floop-block -fgraphite-identity -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/config /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/splash /etc/terminfo"
CXXFLAGS="-march=native -O2 -fomit-frame-pointer -floop-interchange -floop-strip-mine -floop-block -fgraphite-identity -pipe"
DISTDIR="/usr/portage/distfiles"
EMERGE_DEFAULT_OPTS="--with-bdeps=n --complete-graph --binpkg-respect-use=y"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-logs binpkg-multi-instance candy ccache config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LANG="en_US.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j4"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/tmp"
USE="X a52 a53 aac aalib acc acpi adns alsa amd64 amr atm audiofile branding bzip2 cdda cdr cli consolekit cracklib css custom-cflags custom-optimization dbus dbx declarative dga dirac dri dts dv dvd dvdr emboss encode enscript exif faad ffmpeg firefox flac fortran gdu gif glamor glut gmp gsm gstreamer gzip iconv imlib ipc jit jpeg jpeg2k kde ladspa lame lcms libedit libnotify libsamplerate libwww lzma lzo mad matroska matrox mikmod mime minimal mmap mmx mmxext mng modules mozilla mp3 mp4 mpeg mplayer mudflap multilib musepack networkmanager nntp nocd nptl nptlonly nsplugin offensive ogg openal openexr opengl openmp optimization orc osc pam pango pdf phonon pie plasma png policykit posix ppds pppd qt3support qt4 quicktime raw readline schroedinger seccomp sharedmem shorten smp sndfile sockets socks5 speex spell sse sse2 sse3 sse4 sse4_1 sse4_2 ssse3 startup-notification strong-optimization svg symlink sysfs systemd taglib theora threads tiff toolame truetype twolame udev udisks unicode unixd upower usb vaapi vcd vhosts vorbis wavpack win32codecs wmf wxwidgets x264 xcb xcomposite xine xinerama xml xorg xpm xv xvid xvmc zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="unixd authn_core authz_core cgi cgid alias" APACHE2_MPMS="event" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="ssse3 sse3 sse4_1 sse4_2 mmx sse avx mmx sse2" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ublox ubx" GRUB_PLATFORMS="pc" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk 
hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="nlpsolver pdfimport" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-5" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_4" QEMU_SOFTMMU_TARGETS="x86_64" RUBY_TARGETS="ruby20 ruby21" USERLAND="GNU" VIDEO_CARDS="intel i965 i915" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CC, CPPFLAGS, CTARGET, CXX, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON

=================================================================
                        Package Settings
=================================================================

net-firewall/firewalld-0.3.13::gentoo was built with the following:
USE="-gui" ABI_X86="64" PYTHON_TARGETS="python2_7 python3_4 -python3_3"
Comment 3 dE 2015-09-17 09:29:41 UTC
In fact it should check for firewall in the 1st place.

● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib64/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)

Sep 17 14:55:00 desktopminer systemd[1]: Starting firewalld - dynamic firewall daemon...
Sep 17 14:55:00 desktopminer systemd[1]: Started firewalld - dynamic firewall daemon.
Sep 17 14:55:00 desktopminer firewalld[32340]: 2015-09-17 14:55:00 ERROR: ebtables not usable, disabling ethernet bridge firewall.
Sep 17 14:55:00 desktopminer firewalld[32340]: 2015-09-17 14:55:00 FATAL ERROR: No IPv4 and IPv6 firewall.
Sep 17 14:55:00 desktopminer firewalld[32340]: 2015-09-17 14:55:00 ERROR: Raising SystemExit in run_server

I'll just enable netfilter and show the output.
Comment 4 Matthias Maier gentoo-dev 2016-05-31 22:15:58 UTC
Yes indeed,

we currently do not do any checks for necessary kernel configuration options.

We should fix that at some point :-)
Comment 5 Larry the Git Cow gentoo-dev 2018-10-18 05:20:25 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9475fd2b16b650273ca215b4b88b08f7f3856d96

commit 9475fd2b16b650273ca215b4b88b08f7f3856d96
Author:     Matt Turner <mattst88@gentoo.org>
AuthorDate: 2018-10-18 04:50:47 +0000
Commit:     Matt Turner <mattst88@gentoo.org>
CommitDate: 2018-10-18 05:19:24 +0000

    net-firewall/firewalld: Version bump to 0.6.3
    
    Handle a bunch of overdue changes at the same time:
            - Depend on net-firewall/nftables (see upstream commit 7fc4b6cfb52c)
            - Switch to python-single-r1 (see upstream commit 6d5c0c61fe04)
            - Check for required kernel options (bug 540110)
            - Update OpenRC init file (bug 654706)
    
    Closes: https://github.com/gentoo/gentoo/pull/10033
    Closes: https://bugs.gentoo.org/540110
    Closes: https://bugs.gentoo.org/654706
    Closes: https://bugs.gentoo.org/662314
    Signed-off-by: Matt Turner <mattst88@gentoo.org>

 net-firewall/firewalld/Manifest               |   1 +
 net-firewall/firewalld/files/firewalld.init   |   4 +-
 net-firewall/firewalld/firewalld-0.6.3.ebuild | 100 ++++++++++++++++++++++++++
 3 files changed, 103 insertions(+), 2 deletions(-)
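
The kind of check this bug asks for, as an added shell example that is not the ebuild code from the linked commit: it reports which of the two options named in the description are neither built in (`=y`) nor modular (`=m`) in a given kernel config file. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: find the netfilter options from bug 540110 that a kernel
# config lacks. Function names and the sample config are constructed.

# Options listed in the bug description.
REQUIRED_OPTS="NF_CONNTRACK_IPV6 NETFILTER_XT_MATCH_CONNTRACK"

# opt_state CONFIG_FILE OPTION
# Prints y or m when the option is enabled, n when it is "is not set" or absent.
opt_state() {
    # Match the exact symbol followed by '='; a shorter symbol such as
    # CONFIG_NF_CONNTRACK=m must not satisfy CONFIG_NF_CONNTRACK_IPV6.
    val=$(sed -n "s/^CONFIG_$2=\([ym]\)\$/\1/p" "$1" | tail -n 1)
    printf '%s\n' "${val:-n}"
}

# missing_opts CONFIG_FILE
# Prints the required options that are not enabled, space separated.
missing_opts() {
    out=""
    for opt in $REQUIRED_OPTS; do
        if [ "$(opt_state "$1" "$opt")" = n ]; then
            out="${out:+$out }$opt"
        fi
    done
    printf '%s\n' "$out"
}

# sample_missing: run the check against a constructed config fragment.
sample_missing() {
    cfg=$(mktemp)
    cat > "$cfg" <<'EOF'
CONFIG_NETFILTER=y
CONFIG_NF_CONNTRACK=m
# CONFIG_NF_CONNTRACK_IPV6 is not set
CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m
EOF
    missing_opts "$cfg"
    rm -f "$cfg"
}

echo "missing from sample config: $(sample_missing)"
```

Point `missing_opts` at the config of the kernel that will actually boot, for example `/usr/src/linux/.config`. On Gentoo, the linux-info eclass offers the same kind of check to ebuilds through its `CONFIG_CHECK` variable.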