On Fri, Jul 05, 2019 at 07:26:41PM +0300, Nikolai Zhubr wrote:
> Hi Daniel and Laine,
> [...]
> > > -A POSTROUTING -o br0 -j MASQUERADE
> > > -A POSTROUTING -o enp0s25 -j MASQUERADE
> > > -A POSTROUTING -o virbr2_nic -j MASQUERADE
> > > -A POSTROUTING -o vnet0 -j MASQUERADE
> >
> > *None* of those rules were added by libvirt (unless your build of
> [...]
> > You can verify my "counter-claim" by running "virsh net-destroy" for all
> > of your libvirt networks, and seeing that the offending rules haven't
> > been removed.
> >
> > In short, you need to look elsewhere for the culprit.
> Yes, found it. You were both right, essentially.
> The offending rules were added by a firewall in response to new interfaces
> created by libvirt dynamically, due to some dubious relict settings left in
> the firewall. (Silly me.)
> So this is not an issue of libvirt indeed!
> Tons of thanks for the quick and precise hit!
No worries, thanks for confirming the root cause you found too.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|