The firewalld service reports the error when the Plesk Firewall is installed: WARNING: COMMAND_FAILED

Symptoms

• When checking the firewalld service status, it reports the following error:

  # systemctl status firewalld
  firewalld.service - firewalld - dynamic firewall daemon
  Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled;
  ...
  example.com firewalld[20760]: WARNING: COMMAND_FAILED: '/usr/sbin/iptables -w2 -w --table filter --delete FORWARD --source 192.0.2.2/24 --in-interface virbr0 --jump ACCEPT' failed:

• Plesk Firewall extension is installed (Plesk > Extensions > My Extensions > Firewall):

  

Cause

firewalld service and Plesk Firewall conflict with each other. It is recommended to run one service at a time.

Resolution

Warning: The following steps may lead to a connection break due to a network misconfiguration. Before you start, make sure you have an access to the server via its console. Contact your hosting provider for assistance.

Disable the firewalld service:

1. Connect to the Plesk server via SSH.

2. Disable the firewalld service using the command:

   # systemctl stop firewalld && systemctl disable firewalld

3. Restart Plesk Firewall service to re-apply the rules:

   # systemctl restart plesk-firewall.service || systemctl restart psa-firewall

   Note: Plesk Firewall service name vary based on OS and Plesk versions, the command above may report one of the service names as "not found" which is expected.