[libvirt] network filters not working at all in 0.9.2
by xxyton
Hi there,
is just upgraded to libvirt 0.9.2 and restarted my domains but now all
network filters are gone.
Why does libvirt not set iptables configuration while filterref clause
exists?
Is this a known bug? How can I fix it.
Restarting / redefining doesn't output any errors.
Example config XML of domain:
...
<filterref filter='clean-traffic'>
<parameter name='IP' value='192.168.2.34'/>
</filterref>
...
# virsh -v
0.9.2
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere 192.168.122.0/24 state
RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with
icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with
icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
13 years, 9 months
- 2
- 1