Re: [libvirt] [PATCH] Add support for firewalld
On 04/23/2012 05:11 PM, Thomas Woerner wrote:
Add support for firewalld
* bridge_driver, nwfilter_driver: new dbus filters to get FirewallD1.Reloaded
signal and DBus.NameOwnerChanged on org.fedoraproject.FirewallD1
* iptables, ebtables, nwfilter_ebiptables_driver: use firewall-cmd direct
passthrough interface
After some more massaging of the nwfilter code, my suggestion would now
be to split this patch up into two parts, one touching the nwfilter
driver, the other (1st) part for the rest. I did a lot of changes in the
nwfilter driver that I can send you and you may want to merge or I can
merge it with your nwfilter-related code changes.
It seems to be working when using the firewall-cmd, but unfortunately
running the TCK test suite for example is like 8 times slower when using
firewalld. Also the VM startup times have significantly increased. :-((
Is this scheduled to be included in the next libvirt release ? I guess
architecturally it also is needed for FC 17, so is the plan then to
include the latest version of libvirt with firewalld support in FC17?
Stefan