Re: Best practice for custom iptables rules


 



On 08/01/14 16:17, Laine Stump wrote:

> On 01/08/2014 01:43 PM, ZeroUno wrote:
>> Also, regarding the "iptables restart problem" described in the last
>> paragraph at <http://libvirt.org/firewall.html>, is there really no
>> acceptable way to make libvirt add its rules back automatically upon
>> iptables/network restart?
>
> Take a look at this, it may help you:
>
>     http://wiki.libvirt.org/page/Networking#Forwarding_Incoming_Connections

Uhm, apart from the fact that the page clearly states this is a "hack", so it's far from being a best practice (although surely easy and interesting!), AFAICT this might help with adding rules to the NAT table, which was the first part of my question, but does not help with the network restart issue because hook scripts are only called upon libvirt events: libvirt daemon start/stop, guest start/stop...

Did I understand correctly?

> (Recently libvirt gained the ability for an application to register
> functions that will be called when a network is
> defined/undefined/started/stopped, but using that would require an
> application to be running which registered the necessary callback
> functions; not nearly as simple as stuffing a shell script into

Indeed, looks like this would be overkill for my needs.

Thank you!

--
01

_______________________________________________
libvirt-users mailing list
libvirt-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvirt-users



