Description of problem: While libvirt has it's own powerfult firewall driver, it would be nice if it could play nicely with firewalld - use it's native interfaces to tell it to open a port when libvirt itself or a managed VM starts listening on it and tell it to filter the port again when the port is not in use anymore. Using firewalld means that other apps in need of dynamic port opening/closing means that they can ask for their ports, too, without any configuration races etc. Version-Release number of selected component (if applicable): 1.0 How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
As I've explained in the cloned bug, this is not what we, libvirt developers want. You certainly don't want an application playing with your firewall settings. Then again, libvirt provides variety of APIs to tunnel any data to/from the guest: from virDomainOpenGraphics(), through virDomainOpenConsole() to virDomainOpenChannel().