On Sun, Nov 17, 2019 at 11:28 PM Patrick O'Callaghan <pocallaghan@xxxxxxxxx> wrote: > On Sun, 2019-11-17 at 21:03 +0100, Tom H wrote: >> On Sun, Nov 17, 2019 at 10:14 AM Ed Greshko <ed.greshko@xxxxxxxxxxx> wrote: > > Of course. Note that virbr0 was already in the libvirt zone. I > didn't add it explicitly as far as I can recall. In fact I did > notice that whenever a VM started up (via virt-manager) I got a > popup from the firewall applet to say that virbr0 was in the > libvirt zone, but the applet itself always incorrectly showed > virbr0 in my default zone (home) as Ed has already mentioned. > >> Comment from the libvirt source >> >> /* if firewalld is active, try to set the "libvirt" zone. This is >> * desirable (for consistency) if firewalld is using the iptables >> * backend, but is necessary (for basic network connectivity) if >> * firewalld is using the nftables backend >> */ >> >> So it's an nftables requirement. > > I've never heard of nftables. I assumed that iptables was the > backend. iptables is still the firewalld backend in Fedora. _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
