Re: [Libguestfs] [PATCH 5/5] sysprep: remove iptables rules
On Thu, Sep 05, 2013 at 05:27:50PM +0800, Wanlong Gao wrote:
On 09/05/2013 05:18 PM, Richard W.M. Jones wrote:
> Doesn't this delete all the firewall rules (not just removing the
> custom rules)?
I thought that the system will not have a /etc/sysconfig/iptables
file by default, it is created by user when he want to enable his
custom rules. Right?
OK.
>
> Of course the other problem (not with this patch) is that distros
> using firewalld use a completely different method to store custom
> rules, although it is at least easier to delete custom rules in this
> case (by removing files the user has created under
> /etc/firewalld/zones/*.xml).
Oops, so we can add this, too. right?
Yes. As far as I can tell we just need to delete any files
matching /etc/firewalld/services/* and /etc/firewalld/zones/*
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming blog: http://rwmj.wordpress.com
Fedora now supports 80 OCaml packages (the OPEN alternative to F#)