- Red Hat Enterprise Linux (RHEL) 6.6.
- Red Hat Enterprise Linux (RHEL) 6.7.
- Red Hat Enterprise Linux (RHEL) 6.8.
- Red Hat Enterprise Linux (RHEL) 6.9.
iptables.serviceis not running in minimal installation of RHEL 6.6 and above.
/etc/sysconfig/iptablesfile is not present by default.
Firewall is not running.
# service iptables status iptables: Firewall is not running.
- This is a known issue in minimal installation of RHEL 6.6 and above versions.
- This issue needs to be addressed via the kickstart
system-config-firewall-basepackages were installed by default until Red Hat Enterprise Linux 6.5. But, the behaviour was changed in Red Hat Enterprise Linux 6.6 link.
- You can follow the workaround mentioned below :
As a workaround follow the steps :
Verify that the
iptables.serviceis enabled on boot. If not, enable the service :
# chkconfig iptables on # chkconfig iptables --list iptables 0:off 1:off 2:off 3:on 4:on 5:on 6:off
iptables -Lcommand :
# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
iptablesmodules are loaded :
# lsmod | grep table Module Size Used by iptable_filter 2993 0 ip_tables 17831 1 iptable_filter
Creating the file
/etc/sysconfig/directory using :
# service iptables save iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
iptables.serviceis running :
# service iptables status Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
/etc/sysconfig/iptablesfile is not created by default in the minimal installation of the RHEL 6.6 and above. This will results in failing of the
iptable.serviceto start. This issue needs to be addressed via the kickstart
%packagessection. The minimum package set is deliberately kept very small because it's used as part of the RHEL certification processes like FIPS, among others.
This Minimal package set may appear to be missing packages but this is intentional. The Minimal package set can not be altered and we can not automatically flag additional packages for inclusion if the user has selected Minimal. The work around during installation is to use kickstart and install the additional packages needed utilizing the
# service iptables start iptables: No config file. [WARNING]
iptables module is loaded.
# lsmod | grep iptable
- Red Hat Enterprise Linux
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.