[Pkg-libvirt-maintainers] Bug#938929: Dependency problem with iptables and libvirt-daemon-system
Daniel
33.368460088 at tootai.net
Sat Dec 18 15:32:43 GMT 2021
Dear maintainer,
this problem still exists with Debian 11.2 and is really annoying.
VMs are not started because the network is not up. While starting the
network we get:
virsh# net-start route
erreur :Impossible de démarrer le réseau route
erreur :internal error: Failed to apply firewall rules
/usr/sbin/iptables -w --table filter --list-rules: # Warning:
iptables-legacy tables present, use iptables-legacy to see them
iptables v1.8.7 (nf_tables): table `filter' is incompatible, use 'nft' tool.
Same info for ip6tables.
We are using nftables and loading the rules on boot with
nft flush ruleset && nft -f rules.file
If we remove iptables, libvirt-daemon-system is removed too!
To get everything working well again after a reboot:
virsh# exit
sudo systemctl stop libvirtd
sudo nft flush ruleset
sudo apt reinstall libvirt-daemon-system (which will reinstall iptables too)
sudo systemctl start libvirtd
sudo virsh
virsh# net-start route
and now we can start all our VMs manually. Not quite what we expected
when switching to nftables :(
Thanks for your feedback
--
Daniel