On Mon, 2019-03-11 at 12:55 +0100, Michal Privoznik wrote:
> On 3/11/19 11:43 AM, Daniel P. Berrangé wrote:
> > What I mean is that this transaction is checking the filter, nat and
> > mangle tables of both ipv4 and ipv6. You have a missing mangle table
> > for ipv6, but this "ignore errors" policy
On Mon, Mar 11, 2019 at 12:55:33PM +0100, Michal Privoznik wrote:
> On 3/11/19 11:43 AM, Daniel P. Berrangé wrote:
>
> >
> > What I mean is that this transaction is checking the filter, nat and
> > mangle tables of both ipv4 and ipv6. You have a missing mangle table
> > for ipv6, but this "ignore
On 3/11/19 11:43 AM, Daniel P. Berrangé wrote:
What I mean is that this transaction is checking the filter, nat and
mangle tables of both ipv4 and ipv6. You have a missing mangle table
for ipv6, but this "ignore errors" policy means we'll even ignore
the missing "filter" table for ipv4 for exam
On Mon, Mar 11, 2019 at 11:27:33AM +0100, Michal Privoznik wrote:
> On 3/11/19 11:05 AM, Daniel P. Berrangé wrote:
> > On Mon, Mar 11, 2019 at 09:37:52AM +0100, Michal Privoznik wrote:
> > > The way this function works is that for both iptables and
> > > ip6tables (or their firewalld friends) and f
On 3/11/19 11:05 AM, Daniel P. Berrangé wrote:
On Mon, Mar 11, 2019 at 09:37:52AM +0100, Michal Privoznik wrote:
The way this function works is that for both iptables and
ip6tables (or their firewalld friends) and for every table
("filter", "nat", "mangle") it lists chains defined for the table
On Mon, Mar 11, 2019 at 09:37:52AM +0100, Michal Privoznik wrote:
> The way this function works is that for both iptables and
> ip6tables (or their firewalld friends) and for every table
> ("filter", "nat", "mangle") it lists chains defined for the table
> and then calls iptablesPrivateChainCreate(
The way this function works is that for both iptables and
ip6tables (or their firewalld friends) and for every table
("filter", "nat", "mangle") it lists chains defined for the table
and then calls iptablesPrivateChainCreate() over the list. The
callback is then supposed to find libvirt private cha