[Pkg-libvirt-maintainers] Bug#636712: Bug#636712: libvirt-bin: cannot create rule since iptables tool is missing with custom nwfilters
Guido Günther
agx at sigxcpu.org
Mon Aug 8 22:47:28 UTC 2011
On Fri, Aug 05, 2011 at 05:05:23PM +0200, Luca Capello wrote:
> Package: libvirt-bin
> Version: 0.8.3-5+squeeze2
> Severity: important
>
> Hi there!
>
> I would like to add network filters [1] to accept various kind of
> incoming traffics (e.g. HTTP) and thus I read the documentation at:
>
> <http://libvirt.org/formatnwfilter.html>
>
> [1] despite myself not being a firewall guru, I fail to understand why
> we need yet another format to define filters instead of using the
> iptables syntax by default or adding something like the ifupdown's
> options (in this case post-up and pre-down)...
Getting the variable replacements and priorities implemented is easier
with XML. I agree that having this better integrated into ifupdown would
be nice though.
Cheers,
-- Guido
More information about the Pkg-libvirt-maintainers
mailing list