[Pkg-libvirt-maintainers] Bug#549949: Bug#549949: Bug#549949: libvirt-bin: starting network failed because of iptables rule

Guido Günther agx at sigxcpu.org
Tue Oct 6 20:14:10 UTC 2009


On Tue, Oct 06, 2009 at 08:30:08PM +0200, Daniel Huhardeaux wrote:
> Guido Günther wrote:
> >On Tue, Oct 06, 2009 at 06:07:49PM +0200, Daniel Huhardeaux wrote:
> >>Daniel wrote:
> >>>Package: libvirt-bin
> >>>Version: 0.7.1-1
> >>>Severity: important
> >>>
> >>>
> >>>Iptables failed to start because of --destination ! <net> instead of ! --destination <net>
> >>>virsh # net-start router
> >>>error: Failed to start network router
> >>>error: internal error '/sbin/iptables --table nat --delete POSTROUTING --source 192.168.110.0/255.255.255.0 --destination ! 192.168.110.0/255.255.255.0 --out-interface wlan0 --jump MASQUERADE' exited with non-zero status 1 and signal 0: Using intrapositioned negation (`--option ! this`) is deprecated in favor of extrapositioned (`! --option this`).
> >>>iptables: No chain/target/match by that name.
> >>Problem is not iptables related, it's that there is no network
> >>interface in this IP range.
> >Do you have the Recommends: of libvirt-bin installed? Can you attach the
> >complete log of libvirtd?
> 
> All needed packages are installed (see list given by reportbug). I
> can start VMs without network.
> 
> Something seems messy with my network setup. I don't have any iface
> in the 192.168.110.0/24 range, that's why the delete rule failed.
Could you check if this helps (untested):


diff --git a/src/network_driver.c b/src/network_driver.c
index 49855bf..d673921 100644
--- a/src/network_driver.c
+++ b/src/network_driver.c
@@ -751,16 +751,15 @@ static void
 networkRemoveIptablesRules(struct network_driver *driver,
                          virNetworkObjPtr network) {
     if (network->def->forwardType != VIR_NETWORK_FORWARD_NONE) {
-        iptablesRemoveForwardMasquerade(driver->iptables,
-                                        network->def->network,
-                                        network->def->forwardDev);
-
-        if (network->def->forwardType == VIR_NETWORK_FORWARD_NAT)
+        if (network->def->forwardType == VIR_NETWORK_FORWARD_NAT) {
+            iptablesRemoveForwardMasquerade(driver->iptables,
+                                                network->def->network,
+                                                network->def->forwardDev);
             iptablesRemoveForwardAllowRelatedIn(driver->iptables,
                                                 network->def->network,
                                                 network->def->bridge,
                                                 network->def->forwardDev);
-        else if (network->def->forwardType == VIR_NETWORK_FORWARD_ROUTE)
+        } else if (network->def->forwardType == VIR_NETWORK_FORWARD_ROUTE)
             iptablesRemoveForwardAllowIn(driver->iptables,
                                          network->def->network,
                                          network->def->bridge,
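Review bot: the `else if (network->def->forwardType == VIR_NETWORK_FORWARD_ROUTE)` arm at the end of this hunk stays unbraced while the NAT arm now has braces. Brace both arms, so that a call added later to the ROUTE arm cannot end up outside the conditional and remove firewall rules for the wrong forward type. The continuation arguments of the moved iptablesRemoveForwardMasquerade call are also indented to the column used by iptablesRemoveForwardAllowRelatedIn rather than under their own opening parenthesis. Since the masquerade removal now runs only for VIR_NETWORK_FORWARD_NAT, please confirm that the matching add path installs that rule only for NAT as well, otherwise a stale MASQUERADE rule could be left behind when a network is stopped.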


Cheers,
 -- Guido




