[libvirt-users] Best practice for custom iptables rules
ZeroUno
zerozerounouno at gmail.com
Thu Jan 9 12:07:08 UTC 2014
Il 09/01/14 11:38, ZeroUno ha scritto:
> Il 08/01/14 16:17, Laine Stump ha scritto:
>> http://wiki.libvirt.org/page/Networking#Forwarding_Incoming_Connections
>
> interesting!), AFAICT this might help with adding rules to the NAT
> table, which was the first part of my question, but does not help with
...also, it appears that the hook script /etc/libvirt/hooks/daemon to be
called when the libvirt daemon is started is actually called _before_
libvirt adds its own iptables rules, because I am not able to insert my
custom rule at the top of the chain.
Maybe I might use the qemu script which is called each time a guest is
started/stopped, by inserting some checks to prevent duplicates, but it
becomes even more "hackish"... :)
--
01
More information about the libvirt-users
mailing list