Displaying 3 results from an estimated 3 matches for "insert_rule".
2014 Jan 13
2
Re: Best practice for custom iptables rules
...t the hook script /etc/libvirt/hooks/daemon to be
> called when the libvirt daemon is started is actually called _before_
> libvirt adds its own iptables rules, because I am not able to insert my
> custom rule at the top of the chain.
>
how about this daemon hook script?
#!/bin/bash
#
insert_rule() {
sleep 2
iptables -t nat -D CUSTOM_RULE
iptables -t nat -I CUSTOM_RULE
}
case $2 in
start|reload)
insert_rule >/dev/null 2>&1 &
;;
*)
:
;;
esac
2014 Jan 09
5
Re: Best practice for custom iptables rules
Il 08/01/14 16:17, Laine Stump ha scritto:
> On 01/08/2014 01:43 PM, ZeroUno wrote:
>> Also, regarding the "iptables restart problem" described in the last
>> paragraph at <http://libvirt.org/firewall.html>, is there really no
>> acceptable way to make libvirt add its rules back automatically upon
>> iptables/network restart?
>
> Take a look at
2014 Jan 13
0
Re: Best practice for custom iptables rules
Il 13/01/14 04:06, Gao Yongwei ha scritto:
> how about this daemon hook script?
>
> #!/bin/bash
> #
> insert_rule() {
> sleep 2
> iptables -t nat -D CUSTOM_RULE
> iptables -t nat -I CUSTOM_RULE
> }
[...]
Thanks, I already tried inserting a delay with "sleep" but it didn't
change anything, as the hook script is not processed in parallel with
other operations: libvirt...