2013/2/26 Nils Toedtmann <[email protected]>
> Hello > > In the case of a "routed" libvirt network, is there a way to prevent > libvirt from adding *any* iptables rules? Or at least to stop libvirt > from inserting its rules at the *top* of the chains (which renders > previously inserted rules useless)? > > > > I have VPN tunnels connecting VMs with each other and with clients, and > the default rules generated by libvirt are not right for my use case. > > The firewall rulesets i actually need are quite simple. I am very happy > to manage them outside libvirt. > > > > I am thinking of replacing /sbin/iptables with a dummy, but that is a > last ressort which i hope is not necessary. > > > > Please advise /nils. > > > > PS: See also long standing libvirt issues: > > * https://bugzilla.redhat.com/show_bug.cgi?id=533193 > * https://bugzilla.redhat.com/show_bug.cgi?id=689377 > > I can reproduce the issue in bug 689377 , https://bugzilla.redhat.com/show_bug.cgi?id=689377#c3 . This problem has troubled me for a long time.
_______________________________________________ libvirt-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/libvirt-users
