CentOS7 执行 service iptables save 报错 The service command supports only basic LSB actions xxxxxx
现象描述
在 CentOS 7.6.1810 下执行 service iptables save 命令,出现如下错误:
[root@test ~]# service iptables save
The service command supports only basic LSB actions (start, stop, restart, try-restart, reload, force-reload, status). For other actions, please try to use systemctl.
原因
从 CentOS 7.x 开始,CentOS 开始使用 systemd 服务来代替 daemon,原来管理系统启动和管理系统服务的相关命令全部由 systemctl 命令来代替。service 命令之保留了极少部分使用,大部分命令都要改用 systemctl 命令来使用。
在 RHEL 7 和 CentOS 7 中, firewalld 被引入来管理 iptables。
解决方案
首先停止防火墙:
systemctl stop firewalld
systemctl mask firewalld
在 CentOS 7 和 RHEL 7 中,没有 /etc/sysconfig/iptables 这个配置文件,也不能执行 service iptables restart 命令,需要通过安装 iptables-services 才有。
[root@test ~]# cat /etc/redhat-release
CentOS Linux release 7.6.1810 (Core)
[root@test ~]# rpm -qa|grep iptables
iptables-1.4.21-28.el7.x86_64
[root@test ~]# yum -y install iptables-services
然后就可以使用 service iptables [start | stop | restart | save ....] 命令。
# 这样就可以保存防火墙规则了
[root@test ~]# service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
[root@test ~]# ll /etc/sysconfig/iptables
-rw-------. 1 root root 6479 Nov 7 04:00 /etc/sysconfig/iptables # 或者 使用如下命令
[root@test ~]# /usr/libexec/iptables/iptables.init save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
延伸知识
CentOS 7 中没有 service iptables save 指令来保存防火墙规则,怎么处理的呢?
解决办法:
systemctl stop firewalld # 关闭防火墙
yum -y install iptables-services # 安装 iptables 服务
systemctl enable iptables # 设置 iptables 服务开机启动
systemctl start iptables # 启动 iptables 服务
service iptables save # 保存 iptables 配置
service iptables restart # 重启 iptables 服务
[root@test ~]# systemctl status iptables
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
Active: active (exited) since Thu 2019-11-07 04:09:20 EST; 14s ago
Process: 85040 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
Main PID: 85040 (code=exited, status=0/SUCCESS) Nov 07 04:09:20 test systemd[1]: Starting IPv4 firewall with iptables...
Nov 07 04:09:20 test iptables.init[85040]: iptables: Applying firewall rules: [ OK ]
Nov 07 04:09:20 test systemd[1]: Started IPv4 firewall with iptables. [root@test ~]# service iptables status
Redirecting to /bin/systemctl status iptables.service
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
Active: active (exited) since Thu 2019-11-07 04:09:20 EST; 24s ago
Process: 85040 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
Main PID: 85040 (code=exited, status=0/SUCCESS) Nov 07 04:09:20 test systemd[1]: Starting IPv4 firewall with iptables...
Nov 07 04:09:20 test iptables.init[85040]: iptables: Applying firewall rules: [ OK ]
Nov 07 04:09:20 test systemd[1]: Started IPv4 firewall with iptables.
注意: firewalld 和 iptables 两种不同的防火墙规则的配置方式,不能同时启动。
示例1: 使用 systemctl start firewalld 启动的防火墙
[root@docker01 ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2019-11-07 04:20:58 EST; 2min 5s ago
Docs: man:firewalld(1)
Main PID: 86122 (firewalld)
Tasks: 2
Memory: 21.6M
CGroup: /system.slice/firewalld.service
└─86122 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -i docker0 ! -o docker0 -j ACCEPT' failed...t chain?).
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C PREROUTING -m addrtype --dst-type LOCAL -j DOCKER' f...that name.
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C OUTPUT -m addrtype --dst-type LOCAL -j DOCKER ! --ds...that name.
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: N...that name.
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED...t chain?).
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION-STAGE-1' failed: ipta...that name.
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Ba...t chain?).
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -n -L DOCKER-USER' failed: iptables: No chain/target...that name.
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C DOCKER-USER -j RETURN' failed: iptables: Bad rule...t chain?).
Nov 07 04:21:01 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-USER' failed: iptables: No chai...that name.
Hint: Some lines were ellipsized, use -l to show in full. [root@docker01 ~]# service iptables status
Redirecting to /bin/systemctl status iptables.service
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
Active: inactive (dead) since Thu 2019-11-07 04:20:57 EST; 3min 23s ago
Process: 86123 ExecStop=/usr/libexec/iptables/iptables.init stop (code=exited, status=0/SUCCESS)
Process: 85907 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
Main PID: 85907 (code=exited, status=0/SUCCESS) Nov 07 04:18:38 docker01 systemd[1]: Starting IPv4 firewall with iptables...
Nov 07 04:18:38 docker01 systemd[1]: Started IPv4 firewall with iptables.
Nov 07 04:20:57 docker01 systemd[1]: Stopping IPv4 firewall with iptables...
Nov 07 04:20:57 docker01 iptables.init[86123]: iptables: Setting chains to policy ACCEPT: filter [ OK ]
Nov 07 04:20:57 docker01 iptables.init[86123]: iptables: Flushing firewall rules: [ OK ]
Nov 07 04:20:57 docker01 systemd[1]: Stopped IPv4 firewall with iptables.
示例2: 使用 service iptables start 启动的防火墙
[root@docker01 ~]# service iptables start
Redirecting to /bin/systemctl start iptables.service
[root@docker01 ~]# service iptables status
Redirecting to /bin/systemctl status iptables.service
● iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; disabled; vendor preset: disabled)
Active: active (exited) since Thu 2019-11-07 04:31:00 EST; 5s ago
Process: 87000 ExecStop=/usr/libexec/iptables/iptables.init stop (code=exited, status=0/SUCCESS)
Process: 87101 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
Main PID: 87101 (code=exited, status=0/SUCCESS) Nov 07 04:31:00 docker01 systemd[1]: Starting IPv4 firewall with iptables...
Nov 07 04:31:00 docker01 iptables.init[87101]: iptables: Applying firewall rules: [ OK ]
Nov 07 04:31:00 docker01 systemd[1]: Started IPv4 firewall with iptables. [root@docker01 ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Thu 2019-11-07 04:29:12 EST; 2min 7s ago
Docs: man:firewalld(1)
Process: 86122 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 86122 (code=exited, status=0/SUCCESS) Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t nat -C OUTPUT -m addrtype --dst-type LOCAL -j DOCKER ! --ds...that name.
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -j DOCKER' failed: iptables: N...that name.
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -o docker0 -m conntrack --ctstate RELATED...t chain?).
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-ISOLATION-STAGE-1' failed: ipta...that name.
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -D FORWARD -i docker0 -o docker0 -j DROP' failed: iptables: Ba...t chain?).
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -n -L DOCKER-USER' failed: iptables: No chain/target...that name.
Nov 07 04:21:00 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C DOCKER-USER -j RETURN' failed: iptables: Bad rule...t chain?).
Nov 07 04:21:01 docker01 firewalld[86122]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -t filter -C FORWARD -j DOCKER-USER' failed: iptables: No chai...that name.
Nov 07 04:29:11 docker01 systemd[1]: Stopping firewalld - dynamic firewall daemon...
Nov 07 04:29:12 docker01 systemd[1]: Stopped firewalld - dynamic firewall daemon.
Hint: Some lines were ellipsized, use -l to show in full.
CentOS7 执行 service iptables save 报错 The service command supports only basic LSB actions xxxxxx的更多相关文章
- 3.centos 7执行service iptables save报错问题
1.报错 [root@localhost ~]# service iptables save The service command supports only basic LSB actions ( ...
- 解决 service iptables save 报错 please try to use systemctl
本文档根据 service iptables save 报错 please try to use systemctl 提供解决方案.报错 [root@Jaking ~]# service iptabl ...
- The service command supports only basic LSB actions (start, stop, restart, try-restart, reload,force-reload, status)
# service iptables save The service command supports only basic LSB actions (start, stop, restart, t ...
- centos7 service iptables save 报错
解决办法: 1.systemctl stop firewalld 2.yum install iptables-services 3.systemctl restart iptables 4.ser ...
- 防火墙centos7执行 service iptables status报错问题完美解决
在centos7 执行防火墙命令时 service iptables status 报错如下: 解决方案 : 1.systemctl start firewalld.service(开启防火墙) 2. ...
- service mysqld start 报错:service mysqld start 报错 090517 13:34:15 [ERROR] Can't open the mysql.plugin table. Please run mysql_upgrade to create it. 090Can't open the mysql.plugin table. Please run mysql
service mysqld start 报错 090517 13:34:15 [ERROR] Can't open the mysql.plugin table. Please run mysql_ ...
- centos7中没有service iptables save指令来保存防火墙规则
1.任意运行一条iptables防火墙规则配置命令: iptables -P OUTPUT ACCEPT 2.对iptables服务进行保存: service iptables save 如果上述命令 ...
- centos .7x service iptables save 错误解决方案
保存转发规则的时候,发现service iptables save 无效,而且报错[root@localhost bin]# service iptables saveThe service comm ...
- 解决service iptables save出错please try to use systemctl
# service iptables save The service command supports only basic LSB actions (start, stop, restart, t ...
随机推荐
- 【python开发】迈出第一步,这可能是我唯一一次的Python开发了
好久没写博了,今天就瞎唠唠吧 背景: 组内有个测试平台,是基于Python2+tornado 框架写的,之前自己维护了一套系统的UIweb自动化代码,现在需要集成进去.这很可能是自己唯一一次基于pyt ...
- hdu6075 2019CCPC网络选拔赛1004 path
题意:给定一个带权有向图,有q组询问,每次询问在有向图的所有路径中,第k小的路径权值 解题思路:因为k最大只有5e4,考虑暴力搜索出前maxk小的路径并用数组记录权值,然后就可以O(1)查询. 具体实 ...
- 05 element.ui 全局配置
element.ui css样式在组件里面改有的不会生效,是因为加了scoped.局部作用,放在这里是全局配置
- 正则表达式在Java中应用的三种典型场合:验证,查找和替换
正则式在编程中常用,总结在此以备考: package regularexp; import java.util.regex.Matcher; import java.util.regex.Patter ...
- asp.net中 使用Nginx 配置 IIS站点负载均衡
这是一偏初学者入门的内容,发现有问题的地方,欢迎留言,一起学习,一起进步 本文主要记录一下在Windows平台中,IIS站点如何使用Nginx 做一个简单的负载均衡 一. 准备工作: 官网下载安装包 ...
- SpringCloud-config分布式配置
为什么要统一管理微服务配置? 随着微服务不断的增多,每个微服务都有自己对应的配置文件.在研发过程中有测试环境.UAT环境.生产环境,因此每个微服务又对应至少三个不同环境的配置文件.这么多的配置文件,如 ...
- matplotlib | Python强大的作图工具,让你从此驾驭图表(二)
今天是数据处理专题的第10篇文章,我们继续来聊聊matplot这个工具库. 在上周的文章当中我们介绍了matplot的基本用法,以及展示了一些简单的例子,让大家直观地了解这个工具包.我们可以简单地将它 ...
- web网站——nginx,LNMP部署03
nginx功能: (1)web服务器: 默认网页目录为:/usr/share/nginx/html (2)反向代理服务器: nginx代替客户端访问后端服务器,后端服务器只知道是nginx的请求,并将 ...
- hystrix文档翻译之开始使用
获取包 使用maven获取包. <dependency> <groupId>com.netflix.hystrix</groupId> <artifactId ...
- Linux系统编程—信号量
大家知道,互斥锁可以用于线程间同步,但是,每次只能有一个线程抢到互斥锁,这样限制了程序的并发行.如果我们希望允许多个线程同时访问同一个资源,那么使用互斥锁是没有办法实现的,只能互斥锁会将整个共享资源锁 ...