| View previous topic :: View next topic |
| Author |
Message |
hunky
l33t
Joined: 19 Nov 2003
Posts: 917
Location: Alaska
|
 Posted: Mon Mar 10, 2025 5:11 am Post subject: Qemu, virtual manager not working - maybe firewall [SOLVED] |
 |
|
A few months ago I had Qemu (virtual manager) working on my Gentoo host - doing a Win10 guest. Haven't tried it in awhile, but had a need today and now it won't start - network default not working. The message seems to point to a firewall issue but I'm a bit at a loss as to how to proceed or fix it. Here is the message:
| Code: | Error starting network 'default': internal error: Failed to apply firewall command 'nft add chain ip libvirt_network guest_nat '{ type nat hook postrouting priority 100; policy accept; }'': Error: No such file or directory; did you mean chain 'guest_input' in table ip 'libvirt_network'?
add chain ip libvirt_network guest_nat { type nat hook postrouting priority 100; policy accept; } |
Looks like I need to give it a priority of 100 and policy accept.. but I don't know if at all that is correct or how to do it. Not sure what changed since I last had it working, other than routine computer updates (and installing docker).
thanks!
If this helps at all:
| Code: | # nft list table ip libvirt_network
table ip libvirt_network {
chain forward {
type filter hook forward priority filter; policy accept;
counter packets 1131 bytes 872606 jump guest_cross
counter packets 1131 bytes 872606 jump guest_input
counter packets 1131 bytes 872606 jump guest_output
}
chain guest_output {
}
chain guest_input {
}
chain guest_cross {
}
chain guest_nat {
}
}
|
Last edited by hunky on Mon Mar 10, 2025 6:17 pm; edited 1 time in total |
|
| Back to top |
|
 |
sMueggli
Guru
Joined: 03 Sep 2022
Posts: 584
|
| Posted: Mon Mar 10, 2025 4:30 pm Post subject: |
|
|
| Maybe it is a problem with a (missing) kernel config? |
|
| Back to top |
|
|
hunky
l33t
Joined: 19 Nov 2003
Posts: 917
Location: Alaska
|
| Posted: Mon Mar 10, 2025 5:40 pm Post subject: |
|
|
| sMueggli wrote: | | Maybe it is a problem with a (missing) kernel config? |
You may be on to something there.. it was working before, but going through the wiki I noticed I didn't have the use flag nfs set for qemu. So I did that, and my error has now changed to:
| Code: | # virsh net-start default
error: Failed to start network default
error: internal error: Failed to apply firewall command '/sbin/tc filter add dev virbr0 prio 2 protocol ip parent 1: u32 match ip dport 68 ffff action csum ip and udp': Error: Failed to load TC action module.
We have an error talking to the kernel
|
|
|
| Back to top |
|
|
hunky
l33t
Joined: 19 Nov 2003
Posts: 917
Location: Alaska
|
| Posted: Mon Mar 10, 2025 6:17 pm Post subject: |
|
|
| Was the NET_ACT_CSUM missing thingy. Set it as "Y" and the default network starts. |
|
| Back to top |
|
|
|
Networking & Security
