[libvirt] is there a way to convert vm's filter into comandline
Daniel P. Berrange
berrange at redhat.com
Thu Mar 27 10:57:23 UTC 2014
On Thu, Mar 27, 2014 at 09:20:23AM +0800, bigclouds wrote:
> hi,all
>
> is there a way to convert vm's filter into comandline, i think it is useful.
> if there is the functionality, so you think it is worthy to be done.
Currently the nwfilter driver generates horrible hacky shell scripts which
run a variety of (eb|ip)tables commands. I'm killing all of the shell
script code so that we can directly invoke iptables or talk to firewalld
over DBus. The commands we will generate though won't be suitable for a
user to run directly, because libvirt will parse the output of some
commands in order to determine what subsequent commands to run. This
kind of logic isn't something you can just "export" from libvirt, so
what you suggest isn't really practical
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list