Running KVM on Fedora 20 and firewall issue

This should be straight forward, isn’t it. But….

You will probablly use NAT and yes you can ping (because of virbr0). But you can’t reach host from guest’s internet browser, something like won’t work. That’s because libvirt-daemon-config-network package use iptables. Fedora 20 by default uses Firewalld and not iptables. Simple, change to iptables.

But. If you check iptables status.

Then if you check loadded iptables, you get this, whereas is added by libvirt-daemon-config-network package.

There is missing file /etc/sysconfig/iptables. So let’s generate it from legacy init script. A couple of way.

There you go! Start the iptables service again without a hiccup. Now yon can use internet browser from guest to host app server, say

Alternatively, by adding firewalld allow rule for might work as well. But I feel more comfortable with iptables and, Shorewall or old-school /usr/bin/system-config-firewall or gShield front end.