[PATCH 2/4] network: firewalld: add zone for routed networks

Eric Garver eric at garver.life
Wed May 11 15:41:53 UTC 2022


This zone will be used for the routed network by default.

Signed-off-by: Eric Garver <eric at garver.life>
---
 src/network/libvirt-routed.zone | 12 ++++++++++++
 src/network/meson.build         |  5 +++++
 2 files changed, 17 insertions(+)
 create mode 100644 src/network/libvirt-routed.zone

diff --git a/src/network/libvirt-routed.zone b/src/network/libvirt-routed.zone
new file mode 100644
index 000000000000..9cc6cacc2f8a
--- /dev/null
+++ b/src/network/libvirt-routed.zone
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="utf-8"?>
+<zone>
+  <short>libvirt-routed</short>
+
+  <description>
+    This zone is intended to be used only by routed libvirt virtual networks -
+    libvirt will add the bridge devices for all new virtual networks to this
+    zone by default.
+  </description>
+
+  <forward />
+</zone>
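
Review bot: The <description> says libvirt will add the bridge devices for "all new virtual networks" to this zone by default, which contradicts the first clause of the same sentence and the commit message, both of which limit the zone to routed networks. Suggest "all new routed virtual networks" so an administrator reading the zone file does not conclude that NAT or isolated networks also land here. The zone body is only `<forward />`, with no target attribute, services or rules, so the description should also say what traffic from guests to the host is expected to be allowed, or that this is handled outside the zone.
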
diff --git a/src/network/meson.build b/src/network/meson.build
index 3dd342639a46..cd52e2a54c28 100644
--- a/src/network/meson.build
+++ b/src/network/meson.build
@@ -100,6 +100,11 @@ if conf.has('WITH_NETWORK')
       install_dir: prefix / 'lib' / 'firewalld' / 'zones',
       rename: [ 'libvirt.xml' ],
     )
+    install_data(
+      'libvirt-routed.zone',
+      install_dir: prefix / 'lib' / 'firewalld' / 'zones',
+      rename: [ 'libvirt-routed.xml' ],
+    )
     install_data(
       'libvirt-to-host.policy',
       install_dir: prefix / 'lib' / 'firewalld' / 'policies',
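
Review bot: The new install_data() block repeats the path expression `prefix / 'lib' / 'firewalld' / 'zones'` from the libvirt.xml block directly above it; a shared variable for the firewalld zones directory would keep the two installs from drifting apart. Separately, the commit message says the zone "will be used for the routed network by default", but the two files touched here only create and install the zone file, so the message should say which patch in the series makes the network driver select it.
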
-- 
2.33.0


