firewalld-0.8.0 fails to add direct rules when backed by iptables

Solution In Progress - Updated -


  • firewall-cmd --zone=<zone> --direct --add-rule ipv4 filter <chain> <priority> <args> fails with following error.

    Error: gen_chain_rules() missing 1 required positional argument: 'transaction'
  • When firewalld is backed with iptables, firewalld's /etc/firewalld/direct.xml may fail to load after upgrading to firewalld-0.8.0.


  • Red Hat Enterprise Linux (RHEL) 8
    • firewalld-0.8.0-2.el8
    • firewalld-0.8.0-3.el8
    • firewalld-0.8.0-4.el8

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In