Why are my network connections being rejected?
Well, I figured it out. And it's a doozy.
CentOS 8 uses nftables, which by itself isn't surprising. It ships with the nft
version of the iptables
commands, which means when you use the iptables
command it actually maintains a set of compatibility tables in nftables.
However...
Firewalld -- which is installed by default -- has native support for nftables, so it doesn't make use of the iptables compatibility layer.
So while iptables -S INPUT
shows you:
# iptables -S INPUT
-P INPUT ACCEPT
What you actually have is:
chain filter_INPUT {
type filter hook input priority 10; policy accept;
ct state established,related accept
iifname "lo" accept
jump filter_INPUT_ZONES_SOURCE
jump filter_INPUT_ZONES
ct state invalid drop
reject with icmpx type admin-prohibited <-- HEY LOOK AT THAT!
}
The solution here (and honestly probably good advice in general) is:
systemctl disable --now firewalld
With firewalld out of the way, the iptables rules visible with iptables -S
will behave as expected.
Артур Олмос
Updated on September 18, 2022Comments
-
Артур Олмос almost 2 years
I've found a lot of Room tutorials, but none of them explains this.
How can I run a query returning one object, not a LiveData?
I have this method in my Room Dao:
@Dao public interface TrainingDao { .... Query("SELECT * FROM " + TABLE_TRAININGS + " WHERE name =:name AND open =:open") Training fetchTrainingByName(String name, int open); ... }
If I run this method on main thread, app crashes with error "Cannot access database on the main thread since...".
So, how can I run this query inside an AsyncTask returning one Training object?