Bug 1390469

Summary: Network filter table should include more filters
Product: Red Hat Enterprise Linux 7 Reporter: Tahlia Richardson <trichard>
Component: doc-Virtualization_Deployment_and_Administration_GuideAssignee: Jiri Herrmann <jherrman>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.3CC: danken, knoel, laine, rhel-docs, trichard
Target Milestone: rcKeywords: Documentation
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-10-02 15:35:22 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Tahlia Richardson 2016-11-01 07:11:15 UTC 
Document URL: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Virtualization_Deployment_and_Administration_Guide/sect-Virtual_Networking-Applying_network_filtering.html#sect-Applying_network_filtering-Advanced_Filter_Configuration_Topics

Section Number and Name: 19.14.11.4. Pre-existing network filters

Describe the issue: The table describing libvirt's default filters includes 6 filters. However, the Network Filter list in RHV's UI includes many more filters (see https://bugzilla.redhat.com/show_bug.cgi?id=1377181#c10 for details). Since these are libvirt filters that RHV just exposes, the table in this section should be expanded rather than duplicating the content in the RHV docs. 

Suggestions for improvement: Include additional filters in filter description table (maybe not vdsm-no-mac-spoofing; I think that is RHV-specific).

Additional information:
Comment 6 Dan Kenigsberg 2016-11-07 08:00:27 UTC 
indeed, vdsm-no-mac-spoofing is RHV-specific. But beside it, I suppose that Karen (or someone from her team) can tell which of the nwfilters shipped with libvirt are supported by RHEL and need documentation.
Comment 12 Laine Stump 2017-07-21 16:05:56 UTC 
I would combine the no-arp-spoofing, no-arp-mac-spoofing, and no-arp-ip-spoofing rules as you did for the qemu-self-announce rules. Other than that, it looks fine.