virtnwfilterd - Man Page

libvirt network filter management daemon

Synopsis

virtnwfilterd [OPTION]...

Description

The virtnwfilterd program is a server side daemon component of the libvirt virtualization management system.

It is one of a collection of modular daemons that replace functionality previously provided by the monolithic libvirtd daemon.

This daemon runs on virtualization hosts to provide management for network filters.

The virtnwfilterd daemon only listens for requests on a local Unix domain socket. Remote access via TLS/TCP and backwards compatibility with legacy clients expecting libvirtd is provided by the virtproxyd daemon.

Restarting virtnwfilterd does not interrupt running guests. Guests continue to operate and changes in their state will generally be picked up automatically during startup. None the less it is recommended to avoid restarting with running guests whenever practical.

Daemon Startup Modes

The virtnwfilterd daemon is capable of starting in two modes.

Socket activation mode

On hosts with systemd it is started in socket activation mode and it will rely on systemd to create and listen on the UNIX sockets and pass them as pre-opened file descriptors. In this mode most of the socket related config options in /etc/libvirt/virtnwfilterd.conf will no longer have any effect.

Traditional service mode

On hosts without systemd, it will create and listen on UNIX sockets itself.

Options

-h,  --help
Display command line help usage then exit.
-d,  --daemon
Run as a daemon & write PID file.
-f, --config *FILE*
Use this configuration file, overriding the default value.
-p, --pid-file *FILE*
Use this name for the PID file, overriding the default value.
-t, --timeout *SECONDS*
Exit after timeout period (in seconds), provided there are no client connections.
-v,  --verbose
Enable output of verbose messages.
--version
Display version information then exit.

Signals

On receipt of SIGHUP virtnwfilterd will reload its configuration.

Files

When run as root

  • /etc/libvirt/virtnwfilterd.conf

The default configuration file used by virtnwfilterd, unless overridden on the command line using the -f | --config option.

  • /run/libvirt/virtnwfilterd-sock
  • /run/libvirt/virtnwfilterd-sock-ro
  • /run/libvirt/virtnwfilterd-admin-sock

The sockets virtnwfilterd will use.

The TLS Server private key virtnwfilterd will use.

  • /run/virtnwfilterd.pid

The PID file to use, unless overridden by the -p | --pid-file option.

When run as non-root

  • $XDG_CONFIG_HOME/libvirt/virtnwfilterd.conf

The default configuration file used by virtnwfilterd, unless overridden on the command line using the -f``|--config`` option.

  • $XDG_RUNTIME_DIR/libvirt/virtnwfilterd-sock
  • $XDG_RUNTIME_DIR/libvirt/virtnwfilterd-admin-sock

The sockets virtnwfilterd will use.

  • $XDG_RUNTIME_DIR/libvirt/virtnwfilterd.pid

The PID file to use, unless overridden by the -p``|--pid-file`` option.

If $XDG_CONFIG_HOME is not set in your environment, virtnwfilterd will use $HOME/.config

If $XDG_RUNTIME_DIR is not set in your environment, virtnwfilterd will use $HOME/.cache

Examples

To retrieve the version of virtnwfilterd:

# virtnwfilterd --version
virtnwfilterd (libvirt) 10.8.0

To start virtnwfilterd, instructing it to daemonize and create a PID file:

# virtnwfilterd -d
# ls -la /run/virtnwfilterd.pid
-rw-r--r-- 1 root root 6 Jul  9 02:40 /run/virtnwfilterd.pid

Bugs

Please report all bugs you discover.  This should be done via either:

  1. the mailing list

    https://libvirt.org/contact.html

  2. the bug tracker

    https://libvirt.org/bugs.html

Alternatively, you may report bugs to your software distributor / vendor.

Authors

Please refer to the AUTHORS file distributed with libvirt.

License

virtnwfilterd is distributed under the terms of the GNU LGPL v2.1+. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE

See Also

virsh(1), libvirtd(8), https://libvirt.org/daemons.html,

Referenced By

virtnwfilterd_selinux(8).

Virtualization Support