[PVE-User] IPv6 disabled - status update error: iptables_restore_cmdlist

Demetri A. Mkobaranov damkobaranov at gmail.com
Fri Feb 21 15:15:35 CET 2020

On 2/20/20 9:05 PM, Stefan M. Radman via pve-user wrote:
> Try /etc/sysconfig/ip6tables
> Stefan
> # fgrep -A1 /etc/sysconfig/ip6tables /etc/sysconfig/ip6tables-config
> # Saves all firewall rules to /etc/sysconfig/ip6tables if firewall gets stopped
> # (e.g. on system shutdown).
> --
> # Saves all firewall rules to /etc/sysconfig/ip6tables if firewall gets
> # restarted.
> --
> # Save counters for rules and chains to /etc/sysconfig/ip6tables if
> # 'service ip6tables save' is called or on stop or restart if SAVE_ON_STOP or

Thank you Stefan

It seems like that path might work for RPM based distros. I'm on Debian.

I tried creating the folder and an empty file (just in case) but it 
didn't work as expected.

I didn't find a solution yet but I'm writing here what I've done so far 
as future reference:

accordingly to Debian's instructions https://wiki.debian.org/iptables:

1. I created etc/ip6tables.up.rules, restarted pve-firewall (which in my 
case is disabled because I use ferm) -> no difference, still same logging

2. I installed iptables-persistent package, let the postinst script 
create /etc/iptables/rules.v6 but it succeeded only in creating

/etc/iptables/rules.v4 (probably because ipv6 is disabled). So I touched it, restarted pve-firewall -> no difference, still same logging

Any tip is appreciated


More information about the pve-user mailing list