Re: [libvirt-users] Best practice for custom iptables rules

Gao Yongwei Sun, 12 Jan 2014 19:12:55 -0800

> ...also, it appears that the hook script /etc/libvirt/hooks/daemon to be
> called when the libvirt daemon is started is actually called _before_
> libvirt adds its own iptables rules, because I am not able to insert my
> custom rule at the top of the chain.
>


how about this daemon hook script?

#!/bin/bash
#
insert_rule() {
    sleep 2
    iptables -t nat -D CUSTOM_RULE
    iptables -t nat -I CUSTOM_RULE
}


case $2 in
    start|reload)
        insert_rule  >/dev/null 2>&1 &
        ;;
    *)
        :
        ;;
esac

_______________________________________________
libvirt-users mailing list
libvirt-users@redhat.com
https://www.redhat.com/mailman/listinfo/libvirt-users

Re: [libvirt-users] Best practice for custom iptables rules

Reply via email to