On Thu, Dec 10, 2009 at 11:27:53AM +0000, Mark McLoughlin wrote: > Long ago we tried to use Fedora's lokkit utility in order to register > our iptables rules so that 'service iptables restart' would > automatically load our rules. > > There was one fatal flaw - if the user had configured iptables without > lokkit, then we would clobber that configuration by running lokkit. > > We quickly disabled lokkit support, but never removed it. Let's do > that now. > > The 'my virtual network stops working when I restart iptables' still > remains. For all the background on this saga, see: > > https://bugzilla.redhat.com/227011 > > * src/util/iptables.c: remove lokkit support > > * configure.in: remove --enable-lokkit > > * libvirt.spec.in: remove the dirs used only for saving rules for lokkit > > * src/Makefile.am: ditto > > * src/libvirt_private.syms, src/network/bridge_driver.c, > src/util/iptables.h: remove references to iptablesSaveRules > --- > configure.in | 21 ---- > libvirt.spec.in | 3 - > src/Makefile.am | 4 - > src/libvirt_private.syms | 1 - > src/network/bridge_driver.c | 3 - > src/util/iptables.c | 218 ------------------------------------------- > src/util/iptables.h | 1 - > 7 files changed, 0 insertions(+), 251 deletions(-) ACK, I meant to send this myself in fact. Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list