mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-04-30 21:41:53 +08:00
f5089257fd
In f41+ libvirt defaults to using nftables if both it and iptables are installed, but it doesn't seem to work with imagefactory/oz virt instances and our iptables setup. So, lets revert back to iptables for now. We can switch back if we can fix the incompatiblity, switch builders to nftables, or stop using oz/IF Signed-off-by: Kevin Fenzi <kevin@scrye.com>
30 lines
1.0 KiB
Plaintext
30 lines
1.0 KiB
Plaintext
# Master configuration file for the network driver.
|
|
# All settings described here are optional - if omitted, sensible
|
|
# defaults are used.
|
|
|
|
# firewall_backend:
|
|
#
|
|
# determines which subsystem to use to setup firewall packet
|
|
# filtering rules for virtual networks.
|
|
#
|
|
# Supported settings:
|
|
#
|
|
# iptables - use iptables commands to construct the firewall
|
|
# nftables - use nft commands to construct the firewall
|
|
#
|
|
# If firewall_backend isn't configured, libvirt will choose the
|
|
# first available backend from the following list:
|
|
#
|
|
# [nftables, iptables]
|
|
#
|
|
# If no backend is available on the host, then the network driver
|
|
# will fail to start, and an error will be logged.
|
|
#
|
|
# (NB: switching from one backend to another while there are active
|
|
# virtual networks *is* supported. The change will take place the
|
|
# next time that libvirtd/virtnetworkd is restarted - all existing
|
|
# virtual networks will have their old firewalls removed, and then
|
|
# reloaded using the new backend.)
|
|
#
|
|
firewall_backend = "iptables"
|