Firewalld not starting on boot

jojo999 · March 14, 2024, 6:22am

As the title states, no matter what i do, i am not able to make firewalld start on boot.
service is enabled, all the conflicting services are disabled, i can start the service manually.

its working perfectly fine on another system ( arch barebones )
any clue on why this is hapening

manuel · March 14, 2024, 8:10am

Welcome!

What exactly did you do? Can you show the command(s) and their output?

Did you try this:

sudo systemctl enable --now firewalld.service

massi · March 14, 2024, 9:15am

Welcome @jojo999

sudo systemctl enable firewalld

or

sudo systemctl enable firewalld.service

Both commands are equivalent. systemctl automatically adds the .service
suffix is not specified. Just pick one.

jojo999 · March 14, 2024, 9:36am

yea i have already enabled it, you can see in that screenshot that service is enabled. it just doesnt start on system startup

i can start the service manually “sudo systemctl start firewalld” and it works, but enable doesnt work

Cphusion · March 14, 2024, 10:44am

Check what journalctl says about firewalld after your system start op or see if " systemctl status firewalld.service" gives you any useful information.

manuel · March 14, 2024, 10:52am

Is there any error message when you try to enable?

jojo999 · March 14, 2024, 2:34pm

it is simply what i posted in screenshot of ist comment, no output. service is just dead

jojo999 · March 14, 2024, 2:35pm

no, it executes successfully, like with any other service, if i use --now flag, then it works without any issue, just that on startup its dead again

jojo999 · March 14, 2024, 3:04pm

it simply states that service is dead, nothing else.

no mention of firewalld in journalctl -b either

only firewall related keyword in log is
‘’’ kernel: Bridge firewalling registered "‘’

Cphusion · March 14, 2024, 3:17pm

Are you using Qemu/libvirt on your system?

jojo999 · March 14, 2024, 3:29pm

virt-manager and related packages are installed, yes

Cphusion · March 14, 2024, 3:32pm

Check whether any of these are active on startup.
iptables.service ip6tables.service ebtables.service ipset.service nftables.service
And check if you have the following packages installed: “iptables-nft” and “dnsmasq”?

jojo999 · March 14, 2024, 3:52pm

i did check, all of these services are disabled

but “iptables” and “dnsmasq” are there, is later the problem ?

Cphusion · March 14, 2024, 4:20pm

Do you have any bridge or virtual networks defined in your Qemu/libvirt config and are you able to start them?

jojo999 · March 14, 2024, 4:31pm

i dont have anything defined in my virt-manager, basically never used it, so no

manuel · March 14, 2024, 5:20pm

Have you made any adjustment to the firewalld settings, or is it untouched after install?

jojo999 · March 14, 2024, 5:24pm

none i think, except adding an app to firewall

manuel · March 14, 2024, 5:28pm

Here’s some reading if you haven’t seen it: https://discovery.endeavouros.com/applications/firewalld

Hope it (or the links in it) helps.