On Wed, Oct 05, 2011 at 09:04:11AM -0700, David Stevens wrote:
"Daniel P. Berrange" <berrange@redhat.com> wrote on 10/05/2011 08:43:45 AM:
This sounds like it is introducing a backwards compatibility problem wrt older libvirt deployments using NW Filters.
I don't think so. Again, only if someone has modified a standard filter would they have to make those same modifications to the new set. The default value wouldn't need to change, but they are all ending with "-j DROP" otherwise.
What if they have created their own custom filters and written their filter on the assumption that the default policy was ACCEPT ? Surely this change will break their filter ? Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|