Hi - I am running an OpenSuSE 15.4 x64 using Firewalld with iptables as the backend. firewall-cmd -V 0.9.3 I also use Knockd and port knocks to open and close various ports on this system. (and yes I understand the drawbacks of using port knocking!) The trouble is, Firewalld is blocking the knocks and preventing the knockd.service daemon from hearing them. Looking through log files, the only thing I see of serious interest is this error message, I get when I turn debug on, in the firewalld.log file - 2023-01-09 13:24:28 DEBUG1: Applying policy (zone_ANY_public) derived from zone 'public' 2023-01-09 13:24:28 DEBUG1: Applying policy (zone_public_ANY) derived from zone 'public' 2023-01-09 13:24:28 DEBUG1: Applying used policies 2023-01-09 13:24:28 DEBUG1: Applying policy 'allow-host-ipv6' 2023-01-09 13:24:28 DEBUG1: modprobe: FATAL: Module nf_nat_netbios_ns not found in directory /lib/modules/5.14.21-150400.24.38-default 2023-01-09 13:24:28 DEBUG1: Setting policy to 'ACCEPT' 2023-01-09 13:24:28 DEBUG1: GetAll('org.fedoraproject.FirewallD1') 2023-01-09 13:24:28 DEBUG1: config.icmptype.0.GetAll('org.fedoraproject.FirewallD1.config.icmptype') Google provides zero results when I use it to search for "nf_nat_netbios_ns" and YaST2 does not come up with anything either. I don't know if these two issues are related or not, but I need to get Firewalld to allow the knockd.service daemon to hear the knocks. If I stop the Firewalld service, then all works well as far as the knockd.service daemon is concerned and it does hear the knocks then. There is one other thing I see in the firewalld.log file that "looks" ominous, but I have no idea what it means to Overload a zone and whether that is a good thing or a bad thing - 2023-01-09 13:24:28 DEBUG1: Loading zone file '/usr/lib/firewalld/zones/drop.xml' 2023-01-09 13:24:28 DEBUG1: Loading zone file '/usr/lib/firewalld/zones/external.xml' 2023-01-09 13:24:28 DEBUG1: Loading zone file '/usr/lib/firewalld/zones/home.xml' 2023-01-09 13:24:28 DEBUG1: Loading zone file '/usr/lib/firewalld/zones/internal.xml' 2023-01-09 13:24:28 DEBUG1: Loading zone file '/usr/lib/firewalld/zones/nm-shared.xml' 2023-01-09 13:24:28 DEBUG1: Loading zone file '/usr/lib/firewalld/zones/public.xml' 2023-01-09 13:24:28 DEBUG1: Loading zone file '/usr/lib/firewalld/zones/trusted.xml' 2023-01-09 13:24:28 DEBUG1: Loading zone file '/usr/lib/firewalld/zones/work.xml' 2023-01-09 13:24:28 DEBUG1: Loading zone file '/etc/firewalld/zones/block.xml' 2023-01-09 13:24:28 DEBUG1: Overloads zone 'block' ('/usr/lib/firewalld/zones/block.xml') 2023-01-09 13:24:28 DEBUG1: Setting zone of interface 'eth2' to 'block' 2023-01-09 13:24:28 DEBUG1: Loading zone file '/etc/firewalld/zones/cameras.xml' 2023-01-09 13:24:28 DEBUG1: Setting zone of interface 'eth3' to 'cameras' 2023-01-09 13:24:28 DEBUG1: Loading zone file '/etc/firewalld/zones/dmz.xml' 2023-01-09 13:24:28 DEBUG1: Overloads zone 'dmz' ('/usr/lib/firewalld/zones/dmz.xml') 2023-01-09 13:24:28 DEBUG1: Loading zone file '/etc/firewalld/zones/docker.xml' 2023-01-09 13:24:28 DEBUG1: Overloads zone 'docker' ('/usr/lib/firewalld/zones/docker.xml') 2023-01-09 13:24:28 DEBUG1: Setting zone of interface 'docker0' to 'docker' 2023-01-09 13:24:28 DEBUG1: Loading zone file '/etc/firewalld/zones/drop.xml' 2023-01-09 13:24:28 DEBUG1: Overloads zone 'drop' ('/usr/lib/firewalld/zones/drop.xml') 2023-01-09 13:24:28 DEBUG1: Loading zone file '/etc/firewalld/zones/external.xml' 2023-01-09 13:24:28 DEBUG1: Overloads zone 'external' ('/usr/lib/firewalld/zones/external.xml') 2023-01-09 13:24:28 DEBUG1: Setting zone of interface 'eth1' to 'external' 2023-01-09 13:24:28 DEBUG1: Loading zone file '/etc/firewalld/zones/home.xml' 2023-01-09 13:24:28 DEBUG1: Overloads zone 'home' ('/usr/lib/firewalld/zones/home.xml') 2023-01-09 13:24:28 DEBUG1: Loading zone file '/etc/firewalld/zones/internal.xml' 2023-01-09 13:24:28 DEBUG1: Overloads zone 'internal' ('/usr/lib/firewalld/zones/internal.xml') 2023-01-09 13:24:28 DEBUG1: Setting zone of interface 'eth0' to 'internal' 2023-01-09 13:24:28 DEBUG1: Loading zone file '/etc/firewalld/zones/nm-shared.xml' 2023-01-09 13:24:28 DEBUG1: Overloads zone 'nm-shared' ('/usr/lib/firewalld/zones/nm-shared.xml') Thanks in advance for helping me with these questions/issues! Marc... -- *"The Truth is out there" - Spooky* *_ _ . . . . . . _ _ . _ _ _ _ . . . . _ . . . . _ _ . _ _ _ . . . . _ _ . _ . . _ . _ _ _ _ . _ . _ . _ . _ . * Computers: the final frontier. These are the voyages of the user Marc. His mission: to explore strange new hardware. To seek out new software and new applications. To boldly go where no Marc has gone before! (/This email is digitally signed and the OpenPGP electronic signature is added as an attachment. If you know how, you can use my public key to prove this email indeed came from me and has not been modified in transit. My public key, which can be used for sending encrypted email to me also, can be found at - https://keys.openpgp.org/search?q=marc@marcchamberlin.com or just ask me for it and I will send it to you as an attachment. If you don't understand all this geek speak, no worries, just ignore this explanation and ignore the OpenPGP signature key attached to this email (it will look like gibberish if you open it) and/or ask me to explain it further if you like./)