Re: [libvirt] How to prevent libvirt from adding iptables rules?
On Mon, 2009-04-06 at 14:36 +0200, Ludwig Nussel wrote:
SuSEfirewall2 does not have such a mechanism and TBH I pretty much
dislike the idea of allowing applications to inject arbitrary rules.
I'd prefer some higher level abstraction so it's left to the
firewall to decide how to translate the request into actual iptables
rules (or whatever else technology is used in the background).
How would that be done ? I don't know of any tool that could do that,
especially given the large number of existing firewall mgmt tools out
there (s-c-firewall, SuSEfirewall2, whatever Debian/Ubuntu have,
shorewall, pyroman, ...)
David