On Sun, Sep 29, 2024 at 16:04:12 -0400, Laine Stump wrote: > Signed-off-by: Laine Stump <laine@xxxxxxxxxx> > --- > > NEWS.rst | 25 +++++++++++++++++++++++++ > 1 file changed, 25 insertions(+) > > diff --git a/NEWS.rst b/NEWS.rst > index beea8221e1..617af915b3 100644 > --- a/NEWS.rst > +++ b/NEWS.rst > @@ -19,6 +19,19 @@ v10.8.0 (unreleased) > > * **Improvements** > > + * network: make networks with <forward mode='open'/> more useful Please put the XML element in double-backticks ``<asdf>`` to make them monospace/code in the output in the few instances below. > + > + It is now permissable to have a <forward mode='open'> network that > + has no IP address assigned to the host's port of the bridge. This > + is the only way to create a libvirt network where guests are > + unreachable from the host (and vice versa) and also 0 firewall > + rules are added on the host. > + > + It is now also possible for a <forward mode='open'/> network to > + use the "zone" attribute of <bridge> to set the firewalld zone of > + the bridge interface (normally it would not be set, as is done > + with other forward modes).
