On 12/12/2011 14:20, Hansa wrote > Hi there, > > When creating a VM with a persistent virtual network, libvirt creates > an XML file with firewall definitions and stores it in > /etc/libvirt/<hypervisor>/networks/. The XML file is (to my knowledge) > incompatible with iptables-restore. Therefore you cant manage your > firewall with other iptables (GUI) tools unless libvirt lets you a) > import extra rules, b) has an option to export the XML rules into > iptables-save format or c) something else. If a) , b) or c) is possible > then this discussion is of course useless and I would be pleased to > know how its done :) > > If not, then lets get the discussion started. > IMHO, saving rules into XML instead of using iptables-save is absurd > since youll have to code stuff which is already coded. Also youll > make it incompatible with the tools which are readily available. Why go > for this approach and what do we get from it? > > Best regards, > > -Hansa
Bump... Why does libvirt use XML firewall rules? _______________________________________________ libvirt-users mailing list libvirt-users@redhat.com https://www.redhat.com/mailman/listinfo/libvirt-users
