On 10/07/2010 01:57 PM, Justin Clift wrote: > On 10/07/2010 10:48 PM, Zdenek Styblik wrote: >> On 10/04/2010 08:13 PM, Laine Stump wrote: > <snip> >>> Exactly one of my points. libvirt really wants (no, *needs*) this to be >>> on for virtual networks, but it's very likely there was a reason for it >>> being turned off, so the admin should at the very least be alerted that >>> it's being turned on, or the fact that it's off should be logged in some >>> way to assure it gets the admin's attention so they can make the proper >>> judgement call. >>> >> >> Only thing that popped in my head was: admin should read documentation :( > > Is this the kind of behavioural thing that we should have a "reasonable > default" for, plus allow for it to be configured differently via > libvirtd.conf? > > were_special_really_really_really_please_dont_enable_ipforwarding = 1 > > :) > Umm I don't know, but this feels as being somewhat out of the context. Ok, I don't think more log bogus will solve anything. Admin should know what software does; software documentation should clearly state what software does and does not. I really don't know what else to say about proposed point :) > >> Once again I'm going to "troll" about this and bundled everything inside >> one thing. As I've said many times already, I'm pro-external things as >> DHCP, firewall ... whatever. On the other hand, I realize the point of >> libvirt might be to ship out-of-the-box solution like it is now. >> I mean, tell admin what to add if he wants this and that; or make >> external hooks, or whatever. That's hard to say, because there is no one >> ultimate solution. > > Using the words "hooks" here makes me wonder if we could do the needed > work through having network hook scripts in place (with appropriate bits > to call them), and whether it would be a useful way of doing things. > (absolutely no idea if it's even feasible. :>) Well, it might not be terminus technicus. I also see that I have unfinished point here. What I meant was and is that eg. DCC has in documentation what rules you have/should add into your firewall to make DCC to work. Hooks as external shell or whatever scripts - truly, I don't know, although that was point of some sort. Zdenek -- Zdenek Styblik Net/Linux admin OS TurnovFree.net email: stybla@xxxxxxxxxxxxxx jabber: stybla@xxxxxxxxxxxxxxxxxxxxx -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list