Hello,
I have kvm-host, firewalld and virt-manager-gui bundles installed. When I try to setup virtual network in virt-manager I got error:
Error starting network ‘network’: internal error: firewalld is set to use the nftables backend, but the required firewalld ‘libvirt’ zone is missing. Either set the firewalld backend to ‘iptables’, or ensure that firewalld has a ‘libvirt’ zone by upgrading firewalld to a version supporting rule priorities (0.7.0+) and/or rebuilding libvirt with --with-firewalld-zone
The libvirt manual (libvirt: Firewall and network filtering in libvirt) states that:
The zone named “libvirt” is installed into the firewalld configuration by libvirt (not by firewalld), and allows forwarded traffic through the bridge as well as DHCP, DNS, TFTP, and SSH traffic to the host - depending on firewalld’s backend this will be implemented via either iptables or nftables rules.
I checked installed version of the packages: firewalld is 0.7.2 and libvirt is 5.8.0. I also checked that indeed there is no libvirt zone file installed in /usr/lib/firewalld/zones/.
What is the problem? Is this a bug of CL kvm-host which missed to install libvirt zone to firewalld or I’m missing something. Thanks.