Resolving log on issues caused by the firewall-cmd command

Ops Center Administrator Getting Started Guide
Version
11.0.x
Audience
anonymous
Part Number
MK-99ADM000-23

If you run the firewall-cmd command with the --direct option, connections to Ops Center Administrator from a web browser might fail.

The problem occurs when all the following conditions are met:

  • The operating system is Red Hat Enterprise Linux 9.2 or later or Oracle Linux 9.2 or later.
  • The firewalld is v1.2.5-2 or later.
  • A chain or rule that can be added by using the --direct option of the firewall-cmd command does not exist.
  • When any of the following actions are performed:
    • The firewall-cmd command is run with the --direct option.
    • Ops Center API Configuration Manager 11.0.1 or earlier is used.

Recovery

Recover from this issue by completing one of the following actions:

  • Restart the Ops Center Administrator service by running the following command:
    # systemctl restart rainier
  • Reload the network for podman by running the following command: 
    # podman network reload --all

Workaround

  • If Ops Center Administrator is not yet installed:
    1. Create a dummy chain to the firewall before installation by running the following command:
      # firewall-cmd --direct --permanent --add-chain ipv6 filter dummyChain
    2. Reload firewalld service by running the following command:
      # firewall-cmd --reload
  • If Ops Center Administrator is already installed:
    1. Create a dummy chain to the firewall by running the following command:
      # firewall-cmd --direct --permanent --add-chain ipv6 filter dummyChain
    2. Reload firewalld service by running the following command:
      # firewall-cmd --reload
    3. Restart the Ops Center Administrator service by running the following command:
      # systemctl restart rainier

After applying the workaround, if you complete any of the following actions, run the # systemctl restart rainier command and restart the Ops Center Administrator service:

  • Run firewalld-cmd reload.
  • Run systemctl restart firewalld.
  • Install Ops Center Analyzer viewpoint.
  • Change the Ops Center Analyzer viewpoint server port number by using the changeportnumber command.
  • Install the Ops Center Analyzer server.
  • Install the Ops Center Analyzer detail view server.
  • Install the Ops Center Analyzer probe server.
  • Install Ops Center Protector.
  • Remove Ops Center Protector.