Hi,
I am using docker compose on debian 11. The docker daemon is up and running, however something seems to be wrong with the firewall as the containers will not start and come up with an error.
Here is the output of systemctl status docker.service:
docker.service - Docker Application Container Engine
Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/docker.service.d
└─waitAllMounts.conf
Active: active (running) since Mon 2024-02-19 18:19:04 CET; 12h ago
TriggeredBy: ● docker.socket
Docs: https://docs.docker.com
Main PID: 7294 (dockerd)
Tasks: 12
Memory: 29.3M
CGroup: /system.slice/docker.service
└─7294 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
Feb 19 18:19:04 wdmch systemd[1]: Started Docker Application Container Engine.
Feb 19 18:19:48 wdmch dockerd[7294]: time=“2024-02-19T18:19:48.500212402+01:00” level=info msg=“Firewalld: interface docker0 already part of docker zone, returning”
and here for your reference the output of systemctl status firewalld.service:
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2024-02-19 18:27:35 CET; 12h ago
Docs: man:firewalld(1)
Main PID: 8554 (firewalld)
Tasks: 2 (limit: 1099)
Memory: 24.9M
CGroup: /system.slice/firewalld.service
└─8554 /usr/bin/python3 /usr/sbin/firewalld --nofork --nopid
Feb 19 18:27:32 wdmch systemd[1]: Starting firewalld - dynamic firewall daemon…
Feb 19 18:27:35 wdmch systemd[1]: Started firewalld - dynamic firewall daemon.
Feb 19 18:27:35 wdmch firewalld[8554]: WARNING: ipset not usable, disabling ipset usage in firewall.
Feb 19 18:27:36 wdmch firewalld[8554]: ERROR: ‘python-nftables’ failed: internal:0:0-0: Error: Could not process rule: No such file or directory internal:0:0-0: Error: Could not process rule: Numerical result out of range
Finally when I start the container I get the error:
Error response from daemon: Failed to program NAT chain: COMMAND_FAILED: ‘python-nftables’ failed
any ideas how this can be solved?
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Error response from daemon: Failed to program NAT chain: COMMAND_FAILED: ‘python-nftables’ failed
- fabien
- Forum Helper
- Posts: 688
- Joined: 2019-12-03 12:51
- Location: Anarres (Toulouse, France actually)
- Has thanked: 62 times
- Been thanked: 161 times
Re: Error response from daemon: Failed to program NAT chain: COMMAND_FAILED: ‘python-nftables’ failed
Hello Godeke, welcome to the forums!
please don't crosspost, or if you do, add a link to your other threads so people don't waste time responding to things already said in other posts.
You appear to be using OpenMediaVault which, although been based on Debian, is not Debian. Therefore, I'm moving your topic to the Off-Topic section where people can still answer your question if they have knowledge on the topic.
please don't crosspost, or if you do, add a link to your other threads so people don't waste time responding to things already said in other posts.
You appear to be using OpenMediaVault which, although been based on Debian, is not Debian. Therefore, I'm moving your topic to the Off-Topic section where people can still answer your question if they have knowledge on the topic.