Hi all!, I have a setup in which I want to NAT several Virtual Machines from the host based on ports all of them running CentOS 7.1. The idea is I have several different services running in different VMs and all of them are accessible from the host using different ports that are forwarded to the correct ones in the VMs. I’ve been able to set this up and running configuring the VMs with a virtio network interface and command line redirection on the XML configuration file. However, it is proving to be non stable. Even though VMs are running ok, connection is not possible at some stage until the VM is rebooted and it looks like the port forwarding is not working anymore. I wrote a small script that adds and deletes rules for port forwarding triggered by the qemu hooks and that has brought the needed stability but I’d like to go to a cleaner solution based on firewall-cmd or get rid of it in case it’s possible. On the first draft that I’m using firewall-cmd instead of the iptables rules, it proves to be as unstable as without the qemu hook script. My fear is I’m not configuring libvirt properly. Has anyone experienced such this behaviour and can point me to a better solution?. Thanks for your time, Nacho