Page MenuHomeVyOS Platform
Create Task
Maniphest T236

Can't commit firewall state-policy (iptables chain already exists)
Closed, WontfixPublic
Actions

Description

I tried to set the firewall state-policy. When committing, I got the following error:

vyos@paz# set firewall state-policy established action accept
[edit]
vyos@paz# commit
[ firewall state-policy ]
ip6tables: Chain already exists.
create_ipt_chain [/sbin/ip6tables -t filter -N VYATTA_STATE_POLICY_FWD_HOOK]
failed: [error code - 256]

[[firewall state-policy]] failed
Commit failed

Following some advice on IRC, I did a reboot and the problem had gone away.

Details

Difficulty level
Easy (less than an hour)
Version
1.1.7

Event Timeline

SimonWydooghe created this task.Dec 27 2016, 8:59 PM
SimonWydooghe added a comment.Jan 1 2017, 1:30 PM

I tried to reproduce this, but couldn't unfortunately. This error happened when I deleted firewall rules regarding established and related traffic to replace then with the state-policy settings.

syncer closed this task as Wontfix.Jun 10 2018, 4:15 AM
syncer claimed this task.
syncer added a project: Rejected.Oct 15 2018, 6:30 AM