在宝塔服务器管理面板中无法打开防火墙开关，无法添加端口或者屏蔽IP。

先在ssh就是命令检查

systemctl restart firewalld

systemctl status firewalld

先用这二条命令看看结果，类似如下报错：

• firewalld.service – firewalld – dynamic firewall daemon
  Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
  Active: inactive (dead) since Wed 2022-09-07 10:48:04 CST; 6s ago
  Docs: man:firewalld(1)
  Process: 16382 ExecStart=/usr/sbin/firewalld –nofork –nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
  Main PID: 16382 (code=exited, status=0/SUCCESS)

Sep 07 10:48:03 5 systemd[1]: Starting firewalld – dynamic firewall daemon…
Sep 07 10:48:04 5 systemd[1]: Started firewalld – dynamic firewall daemon.
Sep 07 10:48:04 5 firewalld[16382]: WARNING: ipset not usable, disabling ipset usage in firewall.
Sep 07 10:48:04 5 firewalld[16382]: ERROR: Failed to load nf_conntrack module: modprobe: ERROR: could not …rack’
modprobe: ERROR: could not insert ‘nf_conntrack’: Function not implemented
modprobe: ERROR: Error running install command for nf_conntrack…
Sep 07 10:48:04 5 firewalld[16382]: ERROR: Raising SystemExit in run_server
Hint: Some lines were ellipsized, use -l to show in full.

通过上面的出错，基本可以判定是防火墙程序软件问题。

解决方法：

先删掉firewalld防火墙程序，在重装下，最后重启，SSH命令如下。

yum remove -y firewalld

yum install -y firewalld

firewall-cmd –reload

如果打开宝塔，可以重启下服务器，如还是进不了宝塔，可能需要在SSH中放行下宝塔的8888端口，其他端口80、443也一起在SSH中放行下，命令如下，将8888换成80或443。

firewall-cmd –zone=public –add-port=8888/tcp –permanent