Ни разу на симпли не приходилось юзать iptables, но вот настал момент.
Для начала по старинке всё очистил:
iptables -F
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain LIBVIRT_FWI (0 references)
target prot opt source destination
Chain LIBVIRT_FWO (0 references)
target prot opt source destination
Chain LIBVIRT_FWX (0 references)
target prot opt source destination
Chain LIBVIRT_INP (0 references)
target prot opt source destination
Chain LIBVIRT_OUT (0 references)
target prot opt source destination
Пробую запустить:
# systemctl start iptables.service
Job for iptables.service failed because the control process exited with error code.
See "systemctl status iptables.service" and "journalctl -xe" for details.
Вот такая фигня:
-- Начат процесс запуска юнита iptables.service.
янв 29 18:11:02 mlxadmin.miac35.local iptables[676455]: iptables start succeeded
янв 29 18:11:02 mlxadmin.miac35.local iptables[676448]: iptables firewall is not configured[PASSED]
янв 29 18:11:02 mlxadmin.miac35.local systemd[1]: iptables.service: Main process exited, code=exited, status=1/FAILURE
-- Subject: Unit process exited
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- An ExecStart= process belonging to unit iptables.service has exited.
--
-- The process' exit code is 'exited' and its exit status is 1.
янв 29 18:11:02 mlxadmin.miac35.local systemd[1]: iptables.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- The unit iptables.service has entered the 'failed' state with result 'exit-code'.
янв 29 18:11:02 mlxadmin.miac35.local systemd[1]: Failed to start IPv4 firewall with iptables.
-- Subject: Ошибка юнита iptables.service
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Произошел сбой юнита iptables.service.
Может предварительно ещё что-то нужно настроить?