Firewall problem iptables_restore_cmdlist

[xitgabrielemassari]

Yesterday, I updated my Proxmox to version 9.0.18, but since this morning, I consistently receive the error pve pve-firewall[39632]: status update error: iptables_restore_cmdlist: Try `iptables-restore -h' or 'iptables-restore --help' for more information. I tried installing the previous firewall version (6.0.3), but the error persists. What can I do?"

 

[shanreich]

In the past this was oftentimes caused by disabled IPv6, is it possible that this is the case here?

 

[xitgabrielemassari]

Thanks for the reply...Before the update, everything was working perfectly...how can I verify what you requested if IPv6 is disabled? I haven't touched anything except the update.

 

[shanreich]

Usually with this problem it was set via the kernel command line, which you could check via

cat /proc/cmdline

But, I think in your case it might be a different problem - would it be possible for you to send me the output of pve-firewall compile ? You can censor MAC / IP-addresses, but please do it in a way that keeps replacements consistent.

 

[xitgabrielemassari]

I attached the pve-firewall compile for you

command: cat /proc/cmdline
initrd=\EFI\proxmox\6.17.2-1-pve\initrd.img-6.17.2-1-pve root=ZFS=rpool/ROOT/pve-1 boot=zfs iommu=pt

thanks

 

[xitgabrielemassari]

I figured out the problem. It was a rule with a lot of IPs that I had blocked. By deleting it, everything started working again. Thank you for the support, you were really kind. I wish you the best of luck.