Red Hat Bugzilla – Bug 969177
RFE: use firewalld for dynamic firewal configuration
Last modified: 2015-07-13 11:34:52 EDT
Description of problem:
While libvirt has it's own powerfult firewall driver, it would be nice if it could play nicely with firewalld - use it's native interfaces to tell it to open a port when libvirt itself or a managed VM starts listening on it and tell it to filter the port again when the port is not in use anymore.
Using firewalld means that other apps in need of dynamic port opening/closing means that they can ask for their ports, too, without any configuration races etc.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
As I've explained in the cloned bug, this is not what we, libvirt developers want. You certainly don't want an application playing with your firewall settings. Then again, libvirt provides variety of APIs to tunnel any data to/from the guest: from virDomainOpenGraphics(), through virDomainOpenConsole() to virDomainOpenChannel().