Re: Firewall

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Dec 08, 2010 at 03:53:34AM +0100, Matej Cepl wrote:
> Dne 7.12.2010 22:30, Richard W.M. Jones napsal(a):
> > The issue we face with libvirt is it needs to be able to add extra
> > rules to the existing firewall, and have those rules added in the
> > right place, and preserved across firewall restarts, reboots and so
> > on.  There are other services which need to add rules too (see cups
> > mentioned previously in this thread).
> 
> a) libvirt somehow manages to work just fine on my computer even with my
> script, so why to change it?

libvirtd (the daemon) does currently add firewall rules, and those
rules are necessary.  If you restart the iptables service, or
otherwise drop those rules, all your guests will lose their network.
Either you're not using libvirtd, not running guests, or not rerunning
your firewall script.  In any case, a fixed shell script is not
flexible enough for libvirt and some other services.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into Xen guests.
http://et.redhat.com/~rjones/virt-p2v
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux