I haven’t used my laptop for some time now. And when I did today, I had a bunch of upgrades to do.
Now after the upgrade, I had to reboot and after that my VMs could not access the Internet, unless I:
- Stop firewalld server
- Restart libvirtd
I am using Fedora 32.
The network is the default in libvirtd:
<network connections='1'> <name>default</name> <uuid>3de0f1d8-25f7-4f6b-ae36-0c5948a384a5</uuid> <forward mode='nat'> <nat> <port start='1024' end='65535'/> </nat> </forward> <bridge name='virbr0' stp='on' delay='0'/> <mac address='52:54:00:bb:d6:a8'/> <domain name='testenv' localOnly='no'/> <ip address='192.168.122.1' netmask='255.255.255.0'> <dhcp> <range start='192.168.122.5' end='192.168.122.220'/> <host mac='52:54:00:0a:f3:8d' name='ipa1' ip='192.168.122.20'/> <host mac='52:54:00:90:bf:39' name='ipa2' ip='192.168.122.21'/> <host mac='52:54:00:ea:66:4f' name='z1' ip='192.168.122.51'/> <host mac='52:54:00:43:d1:87' name='z2' ip='192.168.122.52'/> <bootp file='pxelinux.0' server='192.168.122.234'/> </dhcp> </ip> </network>
The firewalld configuration is the following:
firewall-cmd --get-active-zones LocalKVM sources: 192.168.122.0/24 docker interfaces: docker0 home interfaces: enp0s25 wlp3s0 libvirt interfaces: virbr1 virbr0 firewall-cmd --info-service=libvirt libvirt ports: 16509/tcp protocols: source-ports: modules: destination: includes: helpers:
Obviously ip forwarding is working since when I stop the firewall I have proper access.
My firewalld is using iptables, since F32 is coming from a long list of upgrades and it’s not migrated to nftables. I really don’t know where I should add the NAT option (or even if I have to!)
So, what can I do to fix this?