[Pkg-libvirt-maintainers] Bug#592177: libvirt-bin: starting a network generates iptables errros

[Guido Günther]

On Sun, Aug 08, 2010 at 02:37:07AM +0200, Achim Schaefer wrote:
> Package: libvirt-bin
> Version: 0.8.2-1
> Severity: important
> 
> Hi,
> 
> whenever I try to start a network I get this:
> virsh # net-start default
> error: Failed to start network default
> error: internal error '/sbin/iptables --table filter --delete INPUT --in-interface virbr0 --protocol udp --destination-port 69 --jump ACCEPT' exited with non-zero status 1 and signal 0: iptables: Bad rule (does a matching rule exist in that chain?).
> 
> The xml is:
> virsh # net-dumpxml default
> <network>
>   <name>default</name>
>   <uuid>e476de92-b114-a4b5-ffa1-7b8026db4f74</uuid>
>   <forward mode='nat'/>
>   <bridge name='virbr0' stp='on' delay='0' />
>   <ip address='192.168.122.1' netmask='255.255.255.0'>
>     <dhcp>
>       <range start='192.168.122.2' end='192.168.122.254' />
>     </dhcp>
>   </ip>
> </network>
> 
> virsh # 
> 
> Thanks

I can reproduce this now. It only happens if you restart libvirt: 

virsh net-start default
/etc/init.d/libvirt-bin restart
virsh net-destroy default
virsh net-start default
# error: internal error '/sbin/iptables --table filter --delete INPUT --in-interface virbr0 --protocol udp --destination-port 69 --jump ACCEPT' exited with non-zero status 1 and signal 0: iptables: Bad rule (does a matching rule exist in that chain?).
killall dnsmasq
# now works as expeced:
virsh net-start default
virsh net-destroy default
virsh net-start default

After the stop the dnsmasq processes are still around. If one kills them
manually starting and stopping networks works as expected until the next
daemon restart. Libvirt should notice the running dnsmasq process and
network setup (as it does with virtual machines).
Cheers,
 -- Guido