Sunil, thank you for your answer and your time. I'll study the links you provided and investigate the influence of the docker further.
This may take me another two weeks :)

D.

PS: Sorry for bringing up something which now looks unrelated to the actual Freedombox part of my system.

On 08.10.2018 20:59, Sunil Mohan Adapa wrote:
> On Monday 08 October 2018 02:32 AM, Daddy wrote:
> [...]
>> I was eventually able to get the DHCP working (by manually allowing the
>> service in firewalld), but not the connection to the internet.
>>
>> *My network setup:*
>> <WAN> -- <Modem> -- <Freedombox> -- <LAN>
>>
>> <LAN> is connected to Fbx through two separate interfaces - wired and
>> wireless, both set as internal zone in firewall.
>> LAN connections are both using "Shared" ipv4 setting; no settings were
>> adjusted.
>>
>> *Freedombox System:*
>> Debian GNU/Linux buster/sid and FreedomBox version 0.39.0.
>>
>> I'm not filing a bug report, as this may have been caused by something
>> I've chosen during the manual system upgrade - I'm just not able to
>> pinpoint it yet.
>>
> Hello,
>
> Your iptables-save output shows that you are not using firewalld.
> However, for the commands you have executed you indeed have firewalld
> running.
>
> A possible explanation is that you have set up separate iptable scripts
> other than firewalld. First firewalld starts then the offending script
> starts wiping out the firewalld chains. See below for a sample of what
> the nat table should look like with firewalld. To test this theory,
> restart firewalld, (observe different output for iptables-save),
> disconnect/connect shared network connections, check if the problem is
> resolved. To fix, remove the offending script.
>
> Also, you seem to have docker containers running. Docker seems to insert
> its own chains (but not sure if it wipes iptables). Docker is usually
> started after firewalld when running under systemd[1]. So, things should
> be okay unless you restart firewalld. To properly fix this you may want
> to explore and set up firewalld rich rules[2] and ask docker to not touch
> iptables.
>
> Links:
>
> 1) https://success.docker.com/article/why-am-i-having-network-problems-after-firewalld-is-restarted
> 2) https://fedoraproject.org/wiki/Features/FirewalldRichLanguage

_______________________________________________
Freedombox-discuss mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/freedombox-discuss
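
The comparison suggested in the quoted reply (look at iptables-save output before and after restarting firewalld) can be scripted. The following is an added example, not part of the original thread; the chain names it matches are assumptions about firewalld's iptables backend and Docker's defaults, and both sample dumps are constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Chain names are assumptions:
# firewalld's iptables backend creates *_ZONES / *_direct chains,
# Docker creates DOCKER and DOCKER-* chains.

# Print the chains declared in table $1 of an iptables-save dump on stdin.
chains_in_table() {
    awk -v want="*$1" '
        /^\*/           { intable = ($0 == want) }
        intable && /^:/ { sub(/^:/, "", $1); print $1 }'
}

# Classify the nat table: firewalld | firewalld+docker | docker-only | none
classify_dump() {
    fw=no; dk=no
    for c in $(chains_in_table nat); do
        case $c in
            POSTROUTING_ZONES|POSTROUTING_direct|PREROUTING_ZONES|PREROUTING_direct) fw=yes ;;
            DOCKER|DOCKER-*) dk=yes ;;
        esac
    done
    case $fw$dk in
        yesyes) echo firewalld+docker ;;
        yesno)  echo firewalld ;;
        noyes)  echo docker-only ;;
        *)      echo none ;;
    esac
}

# Constructed sample: firewalld chains gone, only Docker's remain.
sample_wiped() { cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:DOCKER - [0:0]
-A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
COMMIT
EOF
}

# Constructed sample: nat table as firewalld sets it up.
sample_firewalld() { cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:POSTROUTING_ZONES - [0:0]
:POSTROUTING_direct - [0:0]
-A POSTROUTING -j POSTROUTING_direct
-A POSTROUTING -j POSTROUTING_ZONES
COMMIT
EOF
}
```

On a live system, run `iptables-save | classify_dump` as root once before and once after restarting firewalld; a result that changes from `docker-only` or `none` to `firewalld` supports the theory that something is wiping the firewalld chains.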
