iptables rules are grouped in DRAKRUN_INP, DRAKRUN_FWD and DRAKRUN_FWD for easier management (naming convention got from libvirt)
draksetup cleanup-network to clean bridges and both old and new iptables rules. Should be run as a part of migration to the new version
setup_vm_network cleans old iptables rules before applying new ones in case of changes
changed --no-daemon flag in dnsmasq to --keep-in-foreground as --no-daemon is more like --debug
-d, --no-daemon
Debug mode: don't fork to the background, don't write a pid file, don't change user id, generate a complete cache dump on receipt on SIGUSR1, log to stderr as well as syslog, don't fork new processes to handle TCP queries. Note that this option is for use in debugging only, to stop dnsmasq daemonising in production, use --keep-in-foreground.
Other conclusions (maybe TODO):
delete_vm_network should be called only if needed. Right now:
drakrun never deletes network
draksetup sometimes deletes network (e.g. deletes for vm-1 at the time of generating profile but not vm-0)
playground always deletes network (and ignores /etc/drakrun/config.ini configuration
We don't need to randomly delete bridges and rules on Drakvuf machines unless it's necessary for migration
DRAKRUN_INP
,DRAKRUN_FWD
andDRAKRUN_FWD
for easier management (naming convention got from libvirt)draksetup cleanup-network
to clean bridges and both old and new iptables rules. Should be run as a part of migration to the new versionsetup_vm_network
cleans old iptables rules before applying new ones in case of changes--no-daemon
flag in dnsmasq to--keep-in-foreground
as--no-daemon
is more like--debug
Other conclusions (maybe TODO):
delete_vm_network
should be called only if needed. Right now:/etc/drakrun/config.ini
configuration We don't need to randomly delete bridges and rules on Drakvuf machines unless it's necessary for migration