hi everybody my mind must have gone blank & eyes blind, I'm hoping it's simple and somebody can shed the light on bit I cannot see. a regular default net: <network> <name>default</name> <uuid>4c0a0c44-7e8a-493b-a57c-87cd38eaa0f7</uuid> <forward mode='nat'/> <bridge name='virbr0' stp='on' delay='0'/> ... a winbox on that net and I cannot access it from/via Internet, port forwarding fixed on the default gw/internet interface (or rather firewalld's zone), it forwards to winbox. what is it?
On 12/21/2015 10:46 AM, lejeczek wrote:> hi everybody > > my mind must have gone blank & eyes blind, I'm hoping it's simple and > somebody can shed the light on bit I cannot see. > > a regular default net: > <network> > <name>default</name> > <uuid>4c0a0c44-7e8a-493b-a57c-87cd38eaa0f7</uuid> > <forward mode='nat'/> > <bridge name='virbr0' stp='on' delay='0'/> > ... > > a winbox on that net and I cannot access it from/via Internet, > port forwarding fixed on the default gw/internet interface (or rather > firewalld's zone), it forwards to winbox. > > what is it?Are you asking how to do the port forwarding from within libvirt's network configuration? If so, the answer is "you can't". There is some advice here on how to accomplish it, though: http://wiki.libvirt.org/page/Networking#Forwarding_Incoming_Connections
On 21/12/15 18:20, Laine Stump wrote:> On 12/21/2015 10:46 AM, lejeczek wrote: >> hi everybody >> >> my mind must have gone blank & eyes blind, I'm hoping >> it's simple and somebody can shed the light on bit I >> cannot see. >> >> a regular default net: >> <network> >> <name>default</name> >> <uuid>4c0a0c44-7e8a-493b-a57c-87cd38eaa0f7</uuid> >> <forward mode='nat'/> >> <bridge name='virbr0' stp='on' delay='0'/> >> ... >> >> a winbox on that net and I cannot access it from/via >> Internet, >> port forwarding fixed on the default gw/internet >> interface (or rather firewalld's zone), it forwards to >> winbox. >> >> what is it? > > Are you asking how to do the port forwarding from within > libvirt's network configuration? If so, the answer is "you > can't". There is some advice here on how to accomplish it, > though: > > http://wiki.libvirt.org/page/Networking#Forwarding_Incoming_Connections > > >that is pretty much it - trying to forward incoming(internet) connection to a guest behind/on libvirt nated network. Only difference from the examples in the page is to do it with firewalld(and it's rules/chains). I'm trying --add-forward-port but it does not work. I wonder if it can only be done through its direct/rich rules?