On Mon, Oct 07, 2024 at 00:19:36 -0400, Laine Stump wrote: > commit v10.7.0-76-g1a72b83d56 improperly assumed that reloading > firewalld wouldn't reset the firewalld zone of libvirt-managed bridge > devices. This resulted in loss of networking to guests when something > on the host triggered a reload of firewalld rules, reported here: > > https://issues.redhat.com/browse/RHEL-61576 > > This new series of patches, reverts that commit, along with commit > v10.7.0-78-g200f60b2e1, then reimplements their functionality assuming > that a firewalld reload *will* reset the zone of all libvirt-managed > bridge devices. > > Laine Stump (5): > Revert "network: *un*set the firewalld zone while shutting down a > network" > Revert "network: support setting firewalld zone for bridge device of > open networks" > network: call network(Add|Remove)FirewallRules() for forward > mode='open' > network: a different way of supporting firewalld zone for mode='open' > networks > network: a different implementation of *un*setting firewalld zone when > network is destroyed > > src/network/bridge_driver.c | 34 +++---- > src/network/bridge_driver_linux.c | 140 ++++++++++++++++----------- > src/network/bridge_driver_nop.c | 19 ---- > src/network/bridge_driver_platform.h | 4 - > src/util/virfirewalld.c | 16 +-- > 5 files changed, 102 insertions(+), 111 deletions(-) Reviewed-by: Jiri Denemark <jdenemar@xxxxxxxxxx>
