Re: [libvirt-users] Possible to edit/apply nwfilter at runtime?
On 2018/02/16 12:12 pm, Daniel P. Berrangé wrote:
On Fri, Feb 16, 2018 at 11:59:42AM -0500, Andre Goree wrote:
> I'm trying to determine if it's possible to edit/attach/apply nwfilter
> rules
> at runtime? I.e., after a VM is already running, can I apply a
> nwfilter to
> the VM and have it work without rebooting the machine? Thus far, I've
> not
> come across a way to do so, but I thought I'd ask here before I chase
> my
> tail around Google.
Simply re-define the nwfilter in question using virsh nwfilter-define.
Any VMs using that filter will automatically update.
Regards,
Daniel
--
|: https://berrange.com -o-
https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o-
https://fstop138.berrange.com :|
|: https://entangle-photo.org -o-
https://www.instagram.com/dberrange :|
I've run into an issue here that I thought you might have some insight
on.
I can't seem to "re-define" a nwfilter. I must first 'virsh
nwfilter-undefine' then 'virsh nwfilter-define', or else use 'virsh
nwfilter-edit'. The problem being, I cannot use nwfilter-edit from a
script :/
My real problem is that if I want to add to and/or adjust a filter for a
VM, I basically have to call 'virsh update-device ...' which
unfortunately leaves the VM wide-open for a short period of time, which
is very undesirable.
I wonder if there's a way to edit the nwfilter _without_ libvirt having
to drop the filter for the VM before applying any changes.
--
Andre Goree
-=-=-=-=-=-
Email - andre at drenet.net
Website - http://blog.drenet.net
PGP key - http://www.drenet.net/pubkey.html
-=-=-=-=-=-