On Mon, Jan 25, 2010 at 07:58:05PM +0000, Daniel Sanabria wrote:
Hi All,
I noticed that if I turn on the libvirtd service via chkconfig it ends up
breaking my iptables by adding duplicated rules.
Has anyone experienced this? Is there another file that libvirtd uses to
manipulate iptables?
libvirt has no sane was of integrating with iptables
We simply need a way to say to iptables "we've added these rules, please
load them when you restart" without overwriting the current configuration.
We also need lokkit/system-config-firewall to not overwrite these rules when
the user modifies the configuration.
The whole sorry saga is well documented in bug #227011
Justin