[libvirt-users] disable libvirt-nwfilter
Hi, i want to disable the nwfilter functionality of libvirt. It's surely nice for some people, nevertheless i don't want libvirt to alter any netfilter rules, neither i want the according functionality even available. I know about nwfilter-undefine, but what i'm looking for is an option to globally disable this functionality at all. Some config flag or similar. How can i achieve that? greetings
On 5/6/19 3:44 PM, nakata@geekpit.org wrote:
Hi,
i want to disable the nwfilter functionality of libvirt. It's surely nice for some people, nevertheless i don't want libvirt to alter any netfilter rules, neither i want the according functionality even available.
It's not only NWFilter that will inject firewall rules. Depending on configuration it might also be the default network.
I know about nwfilter-undefine, but what i'm looking for is an option to globally disable this functionality at all. Some config flag or similar. How can i achieve that?
Unless you have a domain <interface/> defined so that it uses a nwfilter then no firwall rules are added by nwfilter code. If you still want to remove nwfilter module then just uninstall it, e.g. via: dnf remove libvirt-daemon-driver-nwfilter libvirt-daemon-config-nwfilter Michal
participants (2)
-
Michal Privoznik -
nakata@geekpit.org