[PATCH 0/5] network: fix regression in firewalld zone setting

Laine Stump posted 5 patches 1 year, 4 months ago
[PATCH 0/5] network: fix regression in firewalld zone setting
Posted by Laine Stump 1 year, 4 months ago
commit v10.7.0-76-g1a72b83d56 improperly assumed that reloading
firewalld wouldn't reset the firewalld zone of libvirt-managed bridge
devices. This resulted in loss of networking to guests when something
on the host triggered a reload of firewalld rules, reported here:

  https://issues.redhat.com/browse/RHEL-61576

This new series of patches reverts that commit, along with commit
v10.7.0-78-g200f60b2e1, then reimplements their functionality assuming
that a firewalld reload *will* reset the zone of all libvirt-managed
bridge devices.

Laine Stump (5):
  Revert "network: *un*set the firewalld zone while shutting down a
    network"
  Revert "network: support setting firewalld zone for bridge device of
    open networks"
  network: call network(Add|Remove)FirewallRules() for forward
    mode='open'
  network: a different way of supporting firewalld zone for mode='open'
    networks
  network: a different implementation of *un*setting firewalld zone when
    network is destroyed

 src/network/bridge_driver.c          |  34 +++----
 src/network/bridge_driver_linux.c    | 140 ++++++++++++++++-----------
 src/network/bridge_driver_nop.c      |  19 ----
 src/network/bridge_driver_platform.h |   4 -
 src/util/virfirewalld.c              |  16 +--
 5 files changed, 102 insertions(+), 111 deletions(-)

-- 
2.46.1
Re: [PATCH 0/5] network: fix regression in firewalld zone setting
Posted by Jiri Denemark 1 year, 4 months ago
On Mon, Oct 07, 2024 at 00:19:36 -0400, Laine Stump wrote:
> commit v10.7.0-76-g1a72b83d56 improperly assumed that reloading
> firewalld wouldn't reset the firewalld zone of libvirt-managed bridge
> devices. This resulted in loss of networking to guests when something
> on the host triggered a reload of firewalld rules, reported here:
> 
>   https://issues.redhat.com/browse/RHEL-61576
> 
> This new series of patches reverts that commit, along with commit
> v10.7.0-78-g200f60b2e1, then reimplements their functionality assuming
> that a firewalld reload *will* reset the zone of all libvirt-managed
> bridge devices.
> 
> Laine Stump (5):
>   Revert "network: *un*set the firewalld zone while shutting down a
>     network"
>   Revert "network: support setting firewalld zone for bridge device of
>     open networks"
>   network: call network(Add|Remove)FirewallRules() for forward
>     mode='open'
>   network: a different way of supporting firewalld zone for mode='open'
>     networks
>   network: a different implementation of *un*setting firewalld zone when
>     network is destroyed
> 
>  src/network/bridge_driver.c          |  34 +++----
>  src/network/bridge_driver_linux.c    | 140 ++++++++++++++++-----------
>  src/network/bridge_driver_nop.c      |  19 ----
>  src/network/bridge_driver_platform.h |   4 -
>  src/util/virfirewalld.c              |  16 +--
>  5 files changed, 102 insertions(+), 111 deletions(-)

Reviewed-by: Jiri Denemark <jdenemar@redhat.com>