External Access to libvirt VMs

Instead of trying to map individual ports over to guest OS’s, I am just routing traffic to the VM bridge from the host.

Testing to ensure it works:

systemctl start firewalld
firewall-cmd –direct –passthrough ipv4 -I FORWARD -i br5 -j ACCEPT
firewall-cmd –direct –passthrough ipv4 -I FORWARD -o br5 -j ACCEPT
firewall-cmd –reload

Permanent setup:

systemctl enable firewalld
firewall-cmd –permanent –direct –passthrough ipv4 -I FORWARD -i br5 -j ACCEPT
firewall-cmd –permanent –direct –passthrough ipv4 -I FORWARD -o br5 -j ACCEPT
firewall-cmd –reload

Then I just added a static route for the network defined on br5 to the VM host.

Leave a Reply

Your email address will not be published. Required fields are marked *