On 12/14/20 12:05 AM, John Hurnett wrote:
Hi,

I can't get iptables to work in libvirt-lxc containers. "iptables -L" command shows empty chains. However I tested the same scenario with pure lxc and iptables works as it should. Has anyone experienced that? It seems like a bug, but maybe there is some libvirt xml parameter I am missing?

BR

Libvirt will create a private network NS if:

1) you have an <interface/> defined for your container, or
2) <privnet/> exists under <features/>

This is documented here:

https://libvirt.org/drvlxc.html#securenetworking

And private network NS also means separate firewall and its tables.

Michal