Prevent the firewall from being compromised through libvirtd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello @ all

The libvirt-daemon compromises the packet-filtering-rules at daemon-startup, before any VM is started. To prevent this, I first have create a hook-script which deletes existing rules, but apparently these rules are set after the hook. Removing the defined networks was no solution either. Worst of all is, a service restart of the daemon may even completely neutralize the firewall.

Is there a solution to prevent this undesirable behavior? No matter how or who what do or with what network configuration a VM is started, the daemon must not compromise the firewall, by altering them. The Firewall is untouchable and taboo.

What can I do to disable that? Thank you!

Best Regards
Tom



$ dpkg -l libvirt-daemon
||/ Name                     Version      Architektur  Beschreibung
+++-=========================-============-============-==================================
ii  libvirt-daemon           5.0.0-4      amd64        Virtualization daemon

$ lsb_release -a
Distributor ID:	Debian
Description:	Debian GNU/Linux 10 (buster)
Release:	10
Codename:	buster






[Index of Archives]     [Virt Tools]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux