Hi,
My iptables rules are not permissives. For exemple, my default iptables's rules are DROP. libvirt inserts some iptables's rules. But, because my rules are not permissives, some DROP are generated.
I fix it with a script, but i am looking for an automatization.
I saw an directory named iptables with sub-directories named nat and filter in /var/lib/libvirt (all empty) :
# ls -r /var/lib/libvirt/iptables nat filter
My questions, in this context, are : - Can i use this directories to put some iptables rules who will be loaded and unloaded with libvirtd ? - If yes, how i must set them ? - If no, any others solutions ?
Thanks.