Yes it can be disabled, but why not just add the rules you need to make it work properly?
Are you asking about iptables on the host or the guest? Are you actually using firewalld, or is it really iptables? You can add a log statement before the reject rule in /etc/sysconfig/iptables to log a message to /var/log/messages to show what is being blocked. Then you can open those ports that show up in your log as necessary. For example: http://stackoverflow.com/questions/21771684/iptables-log-and-drop-in-one-rule HTH On Tue, Jul 15, 2014 at 10:34 AM, Niklas Fondberg <nik...@vireone.com> wrote: > Correction of my bad english... > "can iptables be disabled if I never plan to use NAT:d guests?" > > > _______________________________________________ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users