On Thu, 6 May 2021 09:49:29 +0200 john doe <johndoe65...@mail.com> wrote:
> First you need to disable libvirt from playing with iptables, I
> changed (virsh net-edit default) from:
> <forward mode='nat'/>
>
> to:
>
> <forward mode='open'/>

Thank you, that seems to have worked.

> Then you can use whatever firewalling solution you like (this is
> documented in Libvirt's doc).

I missed it. Sorry.

> Remember that Bullseye has nftables per default, you might want to
> switch back to iptables for Shorewall to work properly.

Done, thank you.

During this whole fiasco, I noticed a problem with virt-manager. The Bullseye version lets the user edit the XML. This is nice, because it then applies whatever changes the user makes. However, as soon as you hit the apply button, the displayed XML reverts to the original. The file is correct, as indicated by cat, but the display is wrong.

Similarly, if you edit externally, even with virsh net-edit, the GUI does not pick up the changes.

I believe this is a serious bug.

-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/