Thank you all very much,for replying. Can I ask the following questions :
1. are the fw rules added by libvirtd, hardcoded in libvirtd source code or editable ? 2. can a sys admin enable ou disable these rules inclusion (ie set a paramater somewhere so that these rules are or are not included in currently running firewall) ? Given the variety of roles a Linux host can run, having a single set of rules to fit all these roles is impossible. Giving sys admins the keys (documentation, examples, ...) to let them tune whatever they need is enough.
