On 2020-06-26 00:49, Eric Garver wrote:
There are two things:
1) the libvirt zone
- these are managed through firewalld and visible in firewalld UIs
2) libvirt's iptables rules
- there are completely separate and independent from firewalld
- this is what's blocking the traffic to your VM
And there is no way to see what those rules are and verify this? I'd like to submit
a bugzilla, so would you know what component it should be filed against?
> Also, wouldn't one expect the rules to be the same for IPv4 and IPv6?Â
> Hope the network diagram attachment
> makes it.
I don't recall what libvirt does for IPv6. But it's a different matter
because IPv6 likely is using NAT/masquerade.
Well, all of my IPv6 addresses are public and assigned by my ISP. I don't think
there
is NAT/masquerading needed/involved.