Spinmc n00b
Joined: 06 Sep 2010 Posts: 39 Location: Ruvo di Puglia (BA) Italy
Posted: Tue Apr 22, 2014 6:36 pm Post subject: systemd, libvirtd.service and iptables
Hello, I need some help to correctly configure a service file of libvirtd for my needs.
Some background.
I noticed that on stopping the libvirtd service it doesn't deactivate NAT-ed networks, so all the iptables rules libvirt creates to act as a DHCP server remain. This is very bad if you enable the iptables-{save,restore}.service units because it will save those rules across reboots, then when the libvirtd service starts on the next boot it will add its rules again, and again and again...
So I think it would be a better approach to let libvirt deactivate its networks before executing iptables-save on system shutdown. For this purpose I tried to add the following in libvirtd.service:
Code:
ExecStop=/bin/bash -c "for net_list in $(/usr/bin/virsh net-list | /bin/grep -i active | awk '{ print $1 }'); do /usr/bin/virsh net-destroy $net_list; done"
In this way it works very well when I run systemctl stop libvirtd BUT it doesn't work on system shutdown/reboot. Systemd simply ignores the ExecStop directive on system shutdown. Why?
Have you never faced it before?
Thanks.
_________________
Excuse me for my English, I'm working on it!
Proud Gentoo donor. Help Gentoo making a donation so do you.
My Italian-language blog: http://www.paba-blog.it
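The accumulation described in the post (libvirt adding its rules again on top of a copy restored from the saved ruleset) can be detected in a saved dump. The following is an added example, not part of the original post: it lists rule lines that are repeated within the same table of `iptables-save` output. The function names and the sample dump (virbr0, 192.168.122.0/24) are constructed for illustration.

```shell
#!/bin/sh
# Added example: list rules that occur more than once within one table of an
# iptables-save dump read from stdin. Output: "<count> <table> <rule>".
find_duplicate_rules() {
    awk '
        { sub(/^\[[0-9]+:[0-9]+\] /, "") }        # drop counters written by "iptables-save -c"
        /^\*/ { table = substr($0, 2); next }     # table header such as *nat or *filter
        /^-A / {
            key = table SUBSEP $0                 # same rule text in another table is not a duplicate
            if (!(key in seen)) order[++n] = key  # keep first-seen order for stable output
            seen[key]++
        }
        END {
            for (i = 1; i <= n; i++) {
                if (seen[order[i]] > 1) {
                    split(order[i], part, SUBSEP)
                    printf "%d %s %s\n", seen[order[i]], part[1], part[2]
                }
            }
        }
    '
}

# Constructed sample: a saved ruleset in which rules for a NAT-ed virtual
# network were stored, restored, and then added again by the service.
sample_dump() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE
-A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

sample_dump | find_duplicate_rules
```

On a live system the same function can be fed from `iptables-save` directly; an empty result means no rule is stored twice in any table.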