Thanks Tom, Justin,<br><br>Bug #227011 explains what I&#39;m experiencing. <br><br>This technology has great potential to be used in mission-critical systems, but issues like this one might be holding back its success. <br>
<br>I hope a suitable solution can be found soon ...<br><br>Thanks again,<br><br>Daniel<br><br><div class="gmail_quote">2010/1/25 Justin M. Forbes <span dir="ltr">&lt;<a href="mailto:jmforbes@linuxtx.org">jmforbes@linuxtx.org</a>&gt;</span><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="im">On Mon, Jan 25, 2010 at 07:58:05PM +0000, Daniel Sanabria wrote:<br>
&gt; Hi All,<br>
&gt;<br>
&gt; I noticed that if I turn on the libvirtd service via chkconfig it ends up<br>
&gt; breaking my iptables by adding duplicated rules.<br>
&gt;<br>
<br>
<br>
&gt;<br>
</div><div class="im">&gt; Has anyone experienced this? Is there another file that libvirtd uses to<br>
&gt; manipulate iptables?<br>
&gt;<br>
<br>
</div>libvirt has no sane was of integrating with iptables<br>
<br>
We simply need a way to say to iptables &quot;we&#39;ve added these rules, please<br>
load them when you restart&quot; without overwriting the current configuration.<br>
We also need lokkit/system-config-firewall to not overwrite these rules when<br>
the user modifies the configuration.<br>
<br>
The whole sorry saga is well documented in bug #227011<br>
<font color="#888888"><br>
<br>
Justin<br>
</font></blockquote></div><br>