On 2018/02/16 12:12 pm, Daniel P. Berrangé wrote:
On Fri, Feb 16, 2018 at 11:59:42AM -0500, Andre Goree wrote:
I'm trying to determine if it's possible to edit/attach/apply nwfilter rules at runtime? I.e., after a VM is already running, can I apply a nwfilter to the VM and have it work without rebooting the machine? Thus far, I've not come across a way to do so, but I thought I'd ask here before I chase my tail around Google.
Simply re-define the nwfilter in question using virsh nwfilter-define. Any VMs using that filter will automatically update.
Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
I've run into an issue here that I thought you might have some insight on. I can't seem to "re-define" a nwfilter. I must first 'virsh nwfilter-undefine' then 'virsh nwfilter-define', or else use 'virsh nwfilter-edit'. The problem being, I cannot use nwfilter-edit from a script :/ My real problem is that if I want to add to and/or adjust a filter for a VM, I basically have to call 'virsh update-device ...' which unfortunately leaves the VM wide-open for a short period of time, which is very undesirable. I wonder if there's a way to edit the nwfilter _without_ libvirt having to drop the filter for the VM before applying any changes. -- Andre Goree -=-=-=-=-=- Email - andre at drenet.net Website - http://blog.drenet.net PGP key - http://www.drenet.net/pubkey.html -=-=-=-=-=-