Re: [Libguestfs] [PATCH 5/5] sysprep: remove iptables rules

On Thu, Sep 05, 2013 at 05:27:50PM +0800, Wanlong Gao wrote: > On 09/05/2013 05:18 PM, Richard W.M. Jones wrote: >> Doesn't this delete all the firewall rules (not just removing the >> custom rules)? > > I thought that the system will not have a /etc/sysconfig/iptables > file by default, it is created by user when he want to enable his > custom rules. Right? OK. >> >> Of course the other problem (not with this patch) is that distros >> using firewalld use a completely different method to store custom >> rules, although it is at least easier to delete custom rules in this >> case (by removing files the user has created under >> /etc/firewalld/zones/*.xml). > > Oops, so we can add this, too. right? Yes. As far as I can tell we just need to delete any files matching /etc/firewalld/services/* and /etc/firewalld/zones/*

Rich.