Hello @ all
The libvirt-daemon compromises the packet-filtering-rules at daemon-startup, before any VM
is started. To prevent this, I first
have create a hook-script which deletes existing rules, but apparently these rules are set
after the hook. Removing the defined
networks was no solution either. Worst of all is, a service restart of the daemon may even
completely neutralize the firewall.
Is there a solution to prevent this undesirable behavior? No matter how or who what do or
with what network configuration a VM
is started, the daemon must not compromise the firewall, by altering them. The Firewall is
untouchable and taboo.
What can I do to disable that? Thank you!
Best Regards
Tom
$ dpkg -l libvirt-daemon
||/ Name Version Architektur Beschreibung
+++-=========================-============-============-==================================
ii libvirt-daemon 5.0.0-4 amd64 Virtualization daemon
$ lsb_release -a
Distributor ID: Debian
Description: Debian GNU/Linux 10 (buster)
Release: 10
Codename: buster