This zone will be used for the routed network by default.
Note that this zone definition omits "forward" aka intra-zone
forwarding, because it requires firewalld >= 0.9.0.
Signed-off-by: Eric Garver <eric(a)garver.life>
---
src/network/libvirt-routed.zone | 10 ++++++++++
src/network/meson.build | 5 +++++
2 files changed, 15 insertions(+)
create mode 100644 src/network/libvirt-routed.zone
diff --git a/src/network/libvirt-routed.zone b/src/network/libvirt-routed.zone
new file mode 100644
index 000000000000..ed7dd936a242
--- /dev/null
+++ b/src/network/libvirt-routed.zone
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="utf-8"?>
+<zone>
+ <short>libvirt-routed</short>
+
+ <description>
+ This zone is intended to be used only by routed libvirt virtual networks -
+ libvirt will add the bridge devices for all new virtual networks to this
+ zone by default.
+ </description>
+</zone>
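Review bot: The `<description>` says libvirt will add the bridge devices for "all new virtual networks" to this zone, which contradicts both the first clause and the commit message; only routed networks are meant to land here. I would reword it to `libvirt will add the bridge devices for new routed virtual networks to this zone by default.` so an administrator reading the firewalld zone description is not misled about which bridges it governs. Separately, the zone declares no `target` attribute and no services, so what guests on a routed network can reach on the host depends on firewalld's default target and on any policies defined outside this patch. If that default-deny posture is intended, a short XML comment such as `<!-- no services here on purpose: host access is granted by separate policies -->` would make it clear to reviewers that DHCP/DNS access was not simply forgotten.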
diff --git a/src/network/meson.build b/src/network/meson.build
index 395074a0a0a6..dcb31af6448b 100644
--- a/src/network/meson.build
+++ b/src/network/meson.build
@@ -101,5 +101,10 @@ if conf.has('WITH_NETWORK')
install_dir: prefix / 'lib' / 'firewalld' / 'zones',
rename: [ 'libvirt.xml' ],
)
+ install_data(
+ 'libvirt-routed.zone',
+ install_dir: prefix / 'lib' / 'firewalld' / 'zones',
+ rename: [ 'libvirt-routed.xml' ],
+ )
endif
endif
--
2.35.3