That code path fails to detect that neither --wait or -w is supported, since iptables-restore returns a successful return code on invalid parameters and firewalld uses the return code to detect whether it works: # echo "#foo" | /sbin/iptables-restore --wadit=2; echo $? /sbin/iptables-restore: unrecognized option '--wadit=2' 0
The current version of firewalld fixed that, by looking for the error message as well: https://github.com/firewalld/firewalld/commit/2e929389eb15b12e96f18e5fe3dc5ae31639e8dd -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1835188 Title: firewalld attempts to use parameter that requires a newer iptables version To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firewalld/+bug/1835188/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs