[libvirt-users] Routed network w/o libvirt adding iptables rules

Gao Yongwei itxx00 at gmail.com
Wed Feb 27 02:56:04 UTC 2013


2013/2/26 Nils Toedtmann <lists at nils.toedtmann.net>

> Hello
>
> In the case of a "routed" libvirt network, is there a way to prevent
> libvirt from adding *any* iptables rules? Or at least to stop libvirt
> from inserting its rules at the *top* of the chains (which renders
> previously inserted rules useless)?
>
>
>
> I have VPN tunnels connecting VMs with each other and with clients, and
> the default rules generated by libvirt are not right for my use case.
>
> The firewall rulesets I actually need are quite simple. I am very happy
> to manage them outside libvirt.
>
>
>
> I am thinking of replacing /sbin/iptables with a dummy, but that is a
> last resort which I hope is not necessary.
>
>
>
> Please advise  /nils.
>
>
>
> PS: See also long standing libvirt issues:
>
>   * https://bugzilla.redhat.com/show_bug.cgi?id=533193
>   * https://bugzilla.redhat.com/show_bug.cgi?id=689377
>

I can reproduce the issue in bug 689377,
https://bugzilla.redhat.com/show_bug.cgi?id=689377#c3 .
This problem has troubled me for a long time.