[libvirt] network filters not working at all in 0.9.2
Hi there, is just upgraded to libvirt 0.9.2 and restarted my domains but now all network filters are gone. Why does libvirt not set iptables configuration while filterref clause exists? Is this a known bug? How can I fix it. Restarting / redefining doesn't output any errors. Example config XML of domain: ... <filterref filter='clean-traffic'> <parameter name='IP' value='192.168.2.34'/> </filterref> ... # virsh -v 0.9.2 # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:bootps ACCEPT tcp -- anywhere anywhere tcp dpt:bootps Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere 192.168.122.0/24 state RELATED,ESTABLISHED ACCEPT all -- 192.168.122.0/24 anywhere ACCEPT all -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT) target prot opt source destination
On 06/30/2011 09:05 PM, xxyton wrote:
Hi there,
is just upgraded to libvirt 0.9.2 and restarted my domains but now all network filters are gone. Why does libvirt not set iptables configuration while filterref clause exists? Is this a known bug? How can I fix it. Restarting / redefining doesn't output any errors.
Example config XML of domain: ... <filterref filter='clean-traffic'> <parameter name='IP' value='192.168.2.34'/> </filterref> ...
With this filter you should only see something after a 'ebtables -t nat -L'. Stefan
participants (2)
-
Stefan Berger -
xxyton