On 01/10/2014 06:02 PM, ZeroUno wrote: > Il 09/01/14 13:40, Laine Stump ha scritto: > >> you asked for "best", not "ideal" :-) Aside from eliminating all use of > > ;) > >> solve by itself. But that same paragraph also tells you how to have the >> iptables service signal libvirt to reload its iptables rules. > > Sorry, what do you mean? I'm not able to find such an indication in > that page... Hmm, I guess you're right - the final paragraph of http://libvirt.org/firewall.html doesn't tell you *how* to do that, it just tells you that you need to. Depending on your Linux distro and version, you could do this with a local modification to the script that starts/stops the iptables service - e.g. /usr/libexec/iptables/iptables.init when systemd is in use, or /etc/init.d/iptables for for initscripts. Of course this is also a hack, as it's liable to be overwritten when the iptables package is updated :-( _______________________________________________ libvirt-users mailing list libvirt-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvirt-users
