22 Nov 2024 10:50 AM
Érintettség ellenőrzése az adott Dynatrace Managed szervereken:
command: systemctl status dynatrace-firewall
eredmény érintettség esetén: Failed to start Dynatrace Firewall settings
[root@DT-Falcon ~]# systemctl status dynatrace-firewall
× dynatrace-firewall.service - Dynatrace Firewall settings
Loaded: loaded (/etc/systemd/system/dynatrace-firewall.service; enabled; preset: disabled)
Active: failed (Result: exit-code) since Wed 2024-11-20 16:09:18 EST; 10s ago
Duration: 12min 49.182s
Process: 29183 ExecStart=/opt/dynatrace-managed/firewall/services/firewall.sh start (code=exited, status=1/FAILURE)
Main PID: 29183 (code=exited, status=1/FAILURE)
CPU: 405ms
Nov 20 16:09:18 DT-Falcon firewall.sh[29253]: Error: Could not process rule: Operation not permitted
Nov 20 16:09:18 DT-Falcon firewall.sh[29253]: insert rule inet firewalld filter_INPUT jump dt_filter_INPUT
Nov 20 16:09:18 DT-Falcon firewall.sh[29253]: ^^^^^^^^^
Nov 20 16:09:18 DT-Falcon firewall.sh[29254]: Error: Could not process rule: Operation not permitted
Nov 20 16:09:18 DT-Falcon firewall.sh[29254]: insert rule inet firewalld filter_FORWARD jump dt_filter_FORWARD
Nov 20 16:09:18 DT-Falcon firewall.sh[29254]: ^^^^^^^^^
Nov 20 16:09:18 DT-Falcon firewall.sh[29183]: Adding rules ... failed.
Nov 20 16:09:18 DT-Falcon systemd[1]: dynatrace-firewall.service: Main process exited, code=exited, status=1/FAILURE
Nov 20 16:09:18 DT-Falcon systemd[1]: dynatrace-firewall.service: Failed with result 'exit-code'.
Nov 20 16:09:18 DT-Falcon systemd[1]: Failed to start Dynatrace Firewall settings.
sed -i 's/^NftablesTableOwner=.*/NftablesTableOwner=no/g' /etc/firewalld/firewalld.conf && restorecon /etc/firewalld/firewalld.conf && systemctl stop firewalld && systemctl start firewalld && /opt/dynatrace-managed/launcher/dynatrace.sh stop && /opt/dynatrace-managed/launcher/dynatrace.sh start
sed -i 's/^NftablesTableOwner=.*/NftablesTableOwner=no/g' /etc/firewalld/firewalld.conf && systemctl stop firewalld && systemctl start firewalld && /opt/dynatrace-managed/launcher/dynatrace.sh stop && /opt/dynatrace-managed/launcher/dynatrace.sh start