Originally Posted by The Cog
It may be that installing iptables would do it for you, even if you can only list the rules with nft. But I would suggest using the iptables-nft converter version. Your last post shows that virt-manager is using /usr/sbin/iptables to manipulate the rules, so I guess it won't mind using the iptables-nft version.
Unfortunately this doesn't work; virt-manager throws this error dialog:
Code:
Error creating virtual network: internal error: Failed to apply firewall rules /usr/sbin/iptables -w --table filter --list-rules: iptables v1.8.7 (nf_tables): table `filter' is incompatible, use 'nft' tool.
Traceback (most recent call last):
  File "/usr/share/virt-manager/virtManager/asyncjob.py", line 72, in cb_wrapper
    callback(asyncjob, *args, **kwargs)
  File "/usr/share/virt-manager/virtManager/createnet.py", line 428, in _async_net_create
    netobj.create()
  File "/usr/lib/python3/dist-packages/libvirt.py", line 3470, in create
    raise libvirtError('virNetworkCreate() failed')
libvirt.libvirtError: internal error: Failed to apply firewall rules /usr/sbin/iptables -w --table filter --list-rules: iptables v1.8.7 (nf_tables): table `filter' is incompatible, use 'nft' tool.
I was able to work around the error with sudo iptables -L -v by renaming my firewall table to something other than filter, which causes iptables to report an empty firewall (nft still reports all rules). However, virt-manager continues to throw this same error dialog even after the rename and sudo iptables -L -v is working.
I was hoping that if any additional firewall rules are needed, they could be manually added using the nft tool. Is there no way to get working networking in virt-manager without any iptables binary?