SUSE Support

Here When You Need Us

Why do I get a "Another Firewall Active" message when using Docker with SuSEfirewall2 ?

This document (7022442) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 12 Service Pack 2 (SLES 12 SP2)
SUSE Linux Enterprise Server 12 Service Pack 3 (SLES 12 SP3)

Situation

While attempting to start SuSEfirewall2 in YaST after starting Docker an error is received: Another Firewall Is Active

Resolution

Reboot and then restart the service one more time so that the Docker service is no longer trying to work with iptables natively and starts working through it with SuSEfirewall2.

Cause

Docker on SLES 12 SP2 and SP3 modifies iptables in order to allow networking into and out of containers. If SuSEfirewall2 is started from the beginning, Docker will modify iptables with SuSEfirewall2. If it is not started, Docker will modify iptables directly.

If SuSEfirewall2 is started after Docker, then an error is received in YaST that, another firewall (iptables) is active. If SuSEfirewall2 is started anyway, the Docker containers may lose inbound and outbound connectivity as those rules are no longer available.

Additional Information


Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:7022442
  • Creation Date: 08-Dec-2017
  • Modified Date:03-Mar-2020
    • SUSE Linux Enterprise Server

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

tick icon

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

tick icon

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

tick icon

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.