[libvirt-users] problem with nwfilter direction='out'

i test the following simple filter <filter name='nwfilter-test-fedora2' chain='root'> <uuid>ccbd255f-4be5-4f0f-8835-770ea40cb2c9</uuid> <rule action='accept' direction='out' priority='500'> <tcp dstipaddr='10.1.24.0' dstipmask='24' comment='test test test'/> </rule> </filter> but i get strange results (look at the attached output of iptables-save) for me it looks like the direction='out' filters are attached to every chain for this domain. additional there are wrong conntrack, state and ctdir matches. is this a bug or my fault? /stephan -- Software is like sex, it's better when it's free!