On 01/18/2013 12:44 AM, Reinier Schoof wrote:
Op 17-1-2013 19:33, Eric Blake schreef:
On 01/17/2013 04:24 AM, Reinier Schoof wrote:
--- src/nwfilter/nwfilter_ebiptables_driver.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
On a side note, please be aware that when upgrading to a libvirt version with this patch included, libvirt will not be able to remove the earlier ip(6)tables rules without the '--physdev-is-bridged' addition. When restarting libvirt, it will look for rules that match with '--physdev-is-bridged' and since that wasn't there before, you'll end up with a duplicate/malfunctioning ruleset. You'll have to remove these rules/chains manually.
Can we be nicer than that? That is, can we teach the removal code to recognize rules from the older libvirt, so that upgrades are smooth? -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org