[PATCH 2/4] network: firewalld: add zone for routed networks

Eric Garver <eric@xxxxxxxxxxx> · Wed, 11 May 2022 11:41:53 -0400

This zone will be used for the routed network by default.

Signed-off-by: Eric Garver <eric@xxxxxxxxxxx>
---
 src/network/libvirt-routed.zone | 12 ++++++++++++
 src/network/meson.build         |  5 +++++
 2 files changed, 17 insertions(+)
 create mode 100644 src/network/libvirt-routed.zone

diff --git a/src/network/libvirt-routed.zone b/src/network/libvirt-routed.zone
new file mode 100644
index 000000000000..9cc6cacc2f8a
--- /dev/null
+++ b/src/network/libvirt-routed.zone
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="utf-8"?>
+<zone>
+  <short>libvirt-routed</short>
+
+  <description>
+    This zone is intended to be used only by routed libvirt virtual networks -
+    libvirt will add the bridge devices for all new virtual networks to this
+    zone by default.
+  </description>
+
+  <forward />
+</zone>
diff --git a/src/network/meson.build b/src/network/meson.build
index 3dd342639a46..cd52e2a54c28 100644
--- a/src/network/meson.build
+++ b/src/network/meson.build
@@ -100,6 +100,11 @@ if conf.has('WITH_NETWORK')
       install_dir: prefix / 'lib' / 'firewalld' / 'zones',
       rename: [ 'libvirt.xml' ],
     )
+    install_data(
+      'libvirt-routed.zone',
+      install_dir: prefix / 'lib' / 'firewalld' / 'zones',
+      rename: [ 'libvirt-routed.xml' ],
+    )
     install_data(
       'libvirt-to-host.policy',
       install_dir: prefix / 'lib' / 'firewalld' / 'policies',
-- 
2.33.0







