commit v10.7.0-76-g1a72b83d56 improperly assumed that reloading firewalld wouldn't reset the firewalld zone of libvirt-managed bridge devices. This resulted in loss of networking to guests when something on the host triggered a reload of firewalld rules, reported here: https://issues.redhat.com/browse/RHEL-61576 This new series of patches, reverts that commit, along with commit v10.7.0-78-g200f60b2e1, then reimplements their functionality assuming that a firewalld reload *will* reset the zone of all libvirt-managed bridge devices. Laine Stump (5): Revert "network: *un*set the firewalld zone while shutting down a network" Revert "network: support setting firewalld zone for bridge device of open networks" network: call network(Add|Remove)FirewallRules() for forward mode='open' network: a different way of supporting firewalld zone for mode='open' networks network: a different implementation of *un*setting firewalld zone when network is destroyed src/network/bridge_driver.c | 34 +++---- src/network/bridge_driver_linux.c | 140 ++++++++++++++++----------- src/network/bridge_driver_nop.c | 19 ---- src/network/bridge_driver_platform.h | 4 - src/util/virfirewalld.c | 16 +-- 5 files changed, 102 insertions(+), 111 deletions(-) -- 2.46.1