On 3/26/2014 3:50 PM, Brian Rak wrote: This is no where close to an optimal solution, but the following python script will kick off a reload of all the defined nwfilter rulesets (assuming they have at least one rule with a <mac> match present. In our environment, they do, so this works okay. Did I mention what a terrible hack this is? #!/usr/bin/python2.7 FILTERS_TO_RELOAD = [ 'clean-traffic', 'my-filter', ] import libvirt, time from xml.etree import ElementTree conn = libvirt.open(None) if conn == None: critical('Failed to connect') sys.exit(1) for id in conn.listAllNWFilters(): if not id.name() in FILTERS_TO_RELOAD: continue print "Reloading ", id.name() myxml = id.XMLDesc() tree = ElementTree.fromstring(myxml) mac = tree.findall('rule/mac')[-1] mac.set('comment','reloaded at '+time.strftime('%F %T')) myxml = ElementTree.tostring(tree) conn.nwfilterDefineXML(myxml).XMLDesc() It looks like the actual function I want is either virNWFilterTriggerVMFilterRebuild or virNWFilterInstFiltersOnAllVMs, but I can't seem to figure out how to get virsh to be able to access either of these.