[Pkg-libvirt-maintainers] Bug#568790: libvirt-bin: Isolated network should not have iptables rules added
Daniel Dehennin
daniel.dehennin at baby-gnu.org
Sun Feb 7 19:35:17 UTC 2010
Package: libvirt-bin
Version: 0.7.6-1
Severity: normal
Hello,
I'm defining an isolated network like this:
--8<---------------cut here---------------start------------->8---
<network>
<name>net-lab</name>
<uuid>a1c95060-7fa4-542b-f836-caf8f0e35db6</uuid>
<bridge name='net-lab' stp='on' delay='0' />
</network>
--8<---------------cut here---------------end--------------->8---
I can start it, and I have some iptables rules added:
--8<---------------cut here---------------start------------->8---
Chain INPUT (policy ACCEPT 3 packets, 1684 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- net-lab any anywhere anywhere udp dpt:domain
0 0 ACCEPT tcp -- net-lab any anywhere anywhere tcp dpt:domain
0 0 ACCEPT udp -- net-lab any anywhere anywhere udp dpt:bootps
0 0 ACCEPT tcp -- net-lab any anywhere anywhere tcp dpt:bootps
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- net-lab net-lab anywhere anywhere
0 0 REJECT all -- any net-lab anywhere anywhere reject-with icmp-port-unreachable
0 0 REJECT all -- net-lab any anywhere anywhere reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT 3 packets, 1192 bytes)
pkts bytes target prot opt in out source destination
--8<---------------cut here---------------end--------------->8---
This interfer with my netfilter configuration.
Is there a way to avoid iptables rules to be added, or better, to call a script
for network configuration?
Regards.
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable'), (90, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32+hati.1 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libvirt-bin depends on:
ii adduser 3.112 add and remove users and groups
ii hal 0.5.14-2 Hardware Abstraction Layer
ii libavahi-client3 0.6.25-3 Avahi client library
ii libavahi-common3 0.6.25-3 Avahi common library
ii libc6 2.10.2-5 Embedded GNU C Library: Shared lib
ii libcap-ng0 0.6.2-4+b1 An alternate posix capabilities li
ii libdbus-1-3 1.2.20-2 simple interprocess messaging syst
ii libdevmapper1.02. 2:1.02.39-1 The Linux Kernel Device Mapper use
ii libgcrypt11 1.4.5-2 LGPL Crypto library - runtime libr
ii libgnutls26 2.8.5-2 the GNU TLS library - runtime libr
ii libhal1 0.5.14-2 Hardware Abstraction Layer - share
ii libparted1.8-12 1.8.8.git.2009.07.19-5 The GNU Parted disk partitioning s
ii libpciaccess0 0.11.0-1 Generic PCI access library for X
ii libreadline6 6.1-1 GNU readline and history libraries
ii libsasl2-2 2.1.23.dfsg1-5 Cyrus SASL - authentication abstra
ii libudev0 150-2 libudev shared library
ii libuuid1 2.16.2-0 Universally Unique ID library
ii libvirt0 0.7.6-1 library for interfacing with diffe
ii libxenstore3.0 3.4.2-2 Xenstore communications library fo
ii libxml2 2.7.6.dfsg-2+b1 GNOME XML library
ii logrotate 3.7.8-4 Log rotation utility
Versions of packages libvirt-bin recommends:
ii bridge-utils 1.4-5 Utilities for configuring the Linu
pn dnsmasq-base <none> (no description available)
ii iptables 1.4.6-2 administration tools for packet fi
ii netcat-openbsd 1.89-3 TCP/IP swiss army knife
pn qemu <none> (no description available)
Versions of packages libvirt-bin suggests:
pn policykit-1 <none> (no description available)
-- no debconf information
--
Daniel Dehennin
Récupérer ma clef GPG:
gpg --keyserver pgp.mit.edu --recv-keys 0x6A2540D1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-libvirt-maintainers/attachments/20100207/124182c4/attachment.pgp>
More information about the Pkg-libvirt-maintainers
mailing list