[SOLVED] Rocky9.3 dnf install firewalld fails because it requires(?) iptables which conflicts with the kernel

Hi there, I’m Cif, and new to Rocky Linux.

I’ve just migrated from CEntOS7 to Rocky 8.9 and then to Rocky 9.3.
While the migration took place, some packages have been removed, like iptables.

The internet says the use of iptables became deprecated with Rocky 9. Okay. What’s recommended instead? Ah… FirewallD. Right… let’s go ahead and install it… oups… fails due to dependencies to… what(??) iptables?? - Thought this was no longer supported in Rocky 9.3.

Well… anyway.
Trying to install iptables leads to dnf or yum trying to remove the kernel.
Trying to install firewalld leads dnf or yum trying to remove the kernel (due to firewalld’s dependencies to iptables).
Appears like firewalling requires another kernel??

What I am doing wrong? oo*

___ snip ________________________________________

me@vpn:~# dnf install firewalld
Problem: package firewalld-1.2.5-2.el9_3.noarch from baseos requires iptables, but none of the providers can be installed

  • package firewalld-1.2.5-2.el9_3.noarch from baseos requires ebtables, but none of the providers can be installed
  • package kernel-3.10.0-1160.114.2.el7.x86_64 from @System conflicts with iptables < 1.3.2-1 provided by iptables-nft-1.8.8-6.el9_1.x86_64 from baseos
  • Conflicting requirements
  • Problem with installed package kernel-3.10.0-1160.114.2.el7.x86_64
    (Try using ‘–allowerasing’ […])

___ snip ________________________________________

I’ve had a look into /etc/yum/repos.d and removed all the repos from CEntOS7 times, made sure the remaining ones only mention rocky linux 9, but still, no luck.
I’m out of ideas, so I had a look in the internet, but nobody seems to have this exact problem.
All the help topics are about managing Firewalld… - I’d wish I’d be there already… ;^^

Any ideas? oo*

Already thank you in advance,
Cif ~

You shouldn’t be using kernel 3.x anymore, you need to clean your system up and remove the old packages. Then it would work.

You should be booted on kernel 5.14 in Rocky 9, and at least 4.18 in Rocky 8. Yours isn’t.

Rocky don’t support upgraded systems, especially from CentOS 7. It’s recommended to clean install and move your data from old systems.

Re : ))

Cleaning out old packages solved it!

Actually the machine is running “Rocky Linux 9.3 (Blue Onyx) - Kernel 5.14.0-362.24.1.el9_3.0.1.x86_64 on x86_64”.

The conflict was only there because the old kernel-3.10.0-1160.114.2.el7.x86_64 was still installed on that machine.

Removing it “yum remove kernel-3.10.0-1160.114.2.el7.x86_64” did the trick.
Now I can install firewalld.

Thank you a lot! : )


Yep, the old kernel relied on older version of iptables, and so you couldn’t install the new one or firewalld. Remove the old package means there is no longer a blockage for the newer version of iptables, and thus you could install it as well as firewalld.