Bug 1027134 - Firewall prevents networking in VMs
Firewall prevents networking in VMs
Status: CLOSED INSUFFICIENT_DATA
Product: Fedora
Classification: Fedora
Component: firewalld (Show other bugs)
19
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Thomas Woerner
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-11-06 03:53 EST by Kai Engert (:kaie)
Modified: 2014-06-10 13:15 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-06-10 13:15:15 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Kai Engert (:kaie) 2013-11-06 03:53:46 EST
Installed a fresh F19.

Attempted to make use of VMs that I had used on a different system.

Actual behaviour:
VMs couldn't start networking, they were stuck in "connecting"

I didn't think of the defaul firewall as a potential cause.
Once I did, the only obvious remedy was: disable firewall

Questions:
(a) Could firewalld allow communication with local VMs by default?
(b) If (a) => no, then:
    Could there be an easily discoverable fix to allow the user
    to allow such communication, without having to disable the firewall?
Comment 1 Thomas Woerner 2013-11-29 11:54:54 EST
What kind of VMs have you been using? Created and set up by libvirt?
Comment 2 Kai Engert (:kaie) 2013-11-29 14:27:56 EST
Yes, all of them had been created using virt-manager. Linux VMs, RHEL/Fedora.
Comment 3 Thomas Woerner 2013-12-02 06:18:58 EST
Are there errors in the logs related to libvirt or firewalld?
Is the libvirt configuration modified?

Please attach the output of the iptables-save command.
Comment 4 Kai Engert (:kaie) 2014-06-10 13:15:15 EDT
Looks I didn't have the time to follow up with the requested details :(

Note You need to log in before you can comment on or make changes to this bug.