= bug description =
libvirt sets up its own firewall and forwarding rules. When firewalld is used, it uses firewalld's API and these changes persist; when firewalld is not used, restarting or reloading iptables drops them.
= bug analysis =
This is known; see last paragraph of http://libvirt.org/firewall.html
= fix recommendation =
Possibly port to firewalld in the future. For now, update playbooks and any manual procedures to send SIGHUP to libvirtd whenever iptables is reloaded.
Done.
http://infrastructure.fedoraproject.org/cgit/ansible.git/commit/?id=313cf3a
Login to comment on this ticket.