: rnabinger@nabit440p.nabin.info:/home/rnabinger/ % sudo iptables -S -tfilter | grep virbr0 -A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT -A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT -A FORWARD -d 192.168.122.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT -A FORWARD -i virbr0 -o virbr0 -j ACCEPT -A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable -A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable -A OUTPUT -o virbr0 -p udp -m udp --dport 68 -j ACCEPT : rnabinger@nabit440p.nabin.info:/home/rnabinger/ % sudo iptables -S -tmangle | grep virbr0 -A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill : rnabinger@nabit440p.nabin.info:/home/rnabinger/ % sudo ip li sh dev virbr0 ; sudo ip li sh dev virbr0-nic 9: virbr0: mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000 link/ether 52:54:00:6e:20:24 brd ff:ff:ff:ff:ff:ff 10: virbr0-nic: mtu 1500 qdisc fq_codel master virbr0 state DOWN mode DEFAULT group default qlen 1000 link/ether 52:54:00:6e:20:24 brd ff:ff:ff:ff:ff:ff : rnabinger@nabit440p.nabin.info:/home/rnabinger/ % sudo ip ad sh dev virbr0 ; sudo ip ad sh dev virbr0-nic 9: virbr0: mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:6e:20:24 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 10: virbr0-nic: mtu 1500 qdisc fq_codel master virbr0 state DOWN group default qlen 1000 link/ether 52:54:00:6e:20:24 brd ff:ff:ff:ff:ff:ff : rnabinger@nabit440p.nabin.info:/home/rnabinger/ % sudo ip ro sh dev virbr0 ; sudo ip ro sh dev virbr0-nic 192.168.122.0/24 proto kernel scope link src 192.168.122.1 linkdown : rnabinger@nabit440p.nabin.info:/home/rnabinger/ % sudo bridge -d li sh 10: virbr0-nic state DOWN : mtu 1500 master virbr0 state disabled priority 32 cost 100 hairpin off guard off root_block off fastleave off learning on flood on mcast_flood on : rnabinger@nabit440p.nabin.info:/home/rnabinger/ % sudo bridge -d fdb sh | grep virbr0 01:00:5e:00:00:01 dev virbr0 self permanent 01:00:5e:00:00:fb dev virbr0 self permanent 52:54:00:6e:20:24 dev virbr0-nic vlan 1 master virbr0 permanent 52:54:00:6e:20:24 dev virbr0-nic master virbr0 permanent : rnabinger@nabit440p.nabin.info:/home/rnabinger/ % sudo ss -tnlup | sed -n '1p;/virbr0/p;/192\.168\.122/p' | column -t rnabinger@nabit440p.nabin.info Password: Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port udp UNCONN 0 0 192.168.122.1:53 *:* users:(("dnsmasq",pid=1563,fd=5)) udp UNCONN 0 0 *%virbr0:67 *:* users:(("dnsmasq",pid=1563,fd=3)) tcp LISTEN 0 5 192.168.122.1:53 *:* users:(("dnsmasq",pid=1563,fd=6)) : rnabinger@nabit440p.nabin.info:/home/rnabinger/ % sudo ps -FH -p1563 --ppid 1563 | cat UID PID PPID C SZ RSS PSR STIME TTY TIME CMD nobody 1563 1 0 11219 2284 1 Feb22 ? 00:00:00 /usr/bin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvirt_leaseshelper root 1564 1563 0 11186 344 1 Feb22 ? 00:00:00 /usr/bin/dnsmasq --conf-file=/var/lib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/usr/lib/libvirt/libvirt_leaseshelper : rnabinger@nabit440p.nabin.info:/home/rnabinger/ % sudo cat /var/lib/libvirt/dnsmasq/default.conf rnabinger@nabit440p.nabin.info Password: ##WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE ##OVERWRITTEN AND LOST. Changes to this configuration should be made using: ## virsh net-edit default ## or other application using the libvirt API. ## ## dnsmasq conf file created by libvirt strict-order pid-file=/var/run/libvirt/network/default.pid except-interface=lo bind-dynamic interface=virbr0 dhcp-range=192.168.122.2,192.168.122.254 dhcp-no-override dhcp-authoritative dhcp-lease-max=253 dhcp-hostsfile=/var/lib/libvirt/dnsmasq/default.hostsfile addn-hosts=/var/lib/libvirt/dnsmasq/default.addnhosts : rnabinger@nabit440p.nabin.info:/home/rnabinger/ % sudo file /usr/lib/libvirt/libvirt_leaseshelper /usr/lib/libvirt/libvirt_leaseshelper: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.32, BuildID[sha1]=79846bf45b6ca08073282f12763f31a31cbd6175, stripped, with debug_info : rnabinger@nabit440p.nabin.info:/home/rnabinger/ % sudo lsof -p 1563,1564 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME dnsmasq 1563 nobody cwd DIR 8,2 4096 2 / dnsmasq 1563 nobody rtd DIR 8,2 4096 2 / dnsmasq 1563 nobody txt REG 8,2 361728 116863 /usr/bin/dnsmasq dnsmasq 1563 nobody mem REG 8,2 80520 128947 /usr/lib/libgpg-error.so.0.21.0 dnsmasq 1563 nobody mem REG 8,2 1108832 117781 /usr/lib/libgcrypt.so.20.1.6 dnsmasq 1563 nobody mem REG 8,2 80192 1583800 /usr/lib/liblz4.so.1.7.5 dnsmasq 1563 nobody mem REG 8,2 154344 98406 /usr/lib/liblzma.so.5.2.3 dnsmasq 1563 nobody mem REG 8,2 1063288 93595 /usr/lib/libm-2.24.so dnsmasq 1563 nobody mem REG 8,2 31712 93598 /usr/lib/librt-2.24.so dnsmasq 1563 nobody mem REG 8,2 17256 94297 /usr/lib/libcap.so.2.25 dnsmasq 1563 nobody mem REG 8,2 84816 93597 /usr/lib/libresolv-2.24.so dnsmasq 1563 nobody mem REG 8,2 22936 2239012 /usr/lib/libmnl.so.0.2.0 dnsmasq 1563 nobody mem REG 8,2 26376 2754623 /usr/lib/libnfnetlink.so.0.2.0 dnsmasq 1563 nobody mem REG 8,2 143432 93498 /usr/lib/libpthread-2.24.so dnsmasq 1563 nobody mem REG 8,2 1951744 93527 /usr/lib/libc-2.24.so dnsmasq 1563 nobody mem REG 8,2 211496 130671 /usr/lib/libidn.so.11.6.16 dnsmasq 1563 nobody mem REG 8,2 603040 95635 /usr/lib/libgmp.so.10.3.2 dnsmasq 1563 nobody mem REG 8,2 216776 130733 /usr/lib/libhogweed.so.4.3 dnsmasq 1563 nobody mem REG 8,2 228600 130737 /usr/lib/libnettle.so.6.3 dnsmasq 1563 nobody mem REG 8,2 121448 2754627 /usr/lib/libnetfilter_conntrack.so.3.6.0 dnsmasq 1563 nobody mem REG 8,2 325328 94118 /usr/lib/libdbus-1.so.3.14.10 dnsmasq 1563 nobody mem REG 8,2 168640 93524 /usr/lib/ld-2.24.so dnsmasq 1563 nobody mem REG 8,2 217032 422118 /var/db/nscd/group dnsmasq 1563 nobody mem REG 8,2 553408 128949 /usr/lib/libsystemd.so.0.17.0 dnsmasq 1563 nobody mem REG 8,2 217032 422117 /var/db/nscd/passwd dnsmasq 1563 nobody 0u CHR 1,3 0t0 7479 /dev/null dnsmasq 1563 nobody 1u CHR 1,3 0t0 7479 /dev/null dnsmasq 1563 nobody 2u CHR 1,3 0t0 7479 /dev/null dnsmasq 1563 nobody 3u IPv4 24827 0t0 UDP *:bootps dnsmasq 1563 nobody 4u netlink 0t0 24828 ROUTE dnsmasq 1563 nobody 5u IPv4 24830 0t0 UDP nabit440p.local:domain dnsmasq 1563 nobody 6u IPv4 24831 0t0 TCP nabit440p.local:domain (LISTEN) dnsmasq 1563 nobody 7r a_inode 0,11 0 7474 inotify dnsmasq 1563 nobody 8r FIFO 0,10 0t0 24834 pipe dnsmasq 1563 nobody 9w FIFO 0,10 0t0 24834 pipe dnsmasq 1563 nobody 10u unix 0xffff8802f6440800 0t0 24837 type=DGRAM dnsmasq 1563 nobody 13w FIFO 0,10 0t0 24838 pipe dnsmasq 1564 root cwd DIR 8,2 4096 2 / dnsmasq 1564 root rtd DIR 8,2 4096 2 / dnsmasq 1564 root txt REG 8,2 361728 116863 /usr/bin/dnsmasq dnsmasq 1564 root mem REG 8,2 80520 128947 /usr/lib/libgpg-error.so.0.21.0 dnsmasq 1564 root mem REG 8,2 1108832 117781 /usr/lib/libgcrypt.so.20.1.6 dnsmasq 1564 root mem REG 8,2 80192 1583800 /usr/lib/liblz4.so.1.7.5 dnsmasq 1564 root mem REG 8,2 154344 98406 /usr/lib/liblzma.so.5.2.3 dnsmasq 1564 root mem REG 8,2 1063288 93595 /usr/lib/libm-2.24.so dnsmasq 1564 root mem REG 8,2 31712 93598 /usr/lib/librt-2.24.so dnsmasq 1564 root mem REG 8,2 17256 94297 /usr/lib/libcap.so.2.25 dnsmasq 1564 root mem REG 8,2 84816 93597 /usr/lib/libresolv-2.24.so dnsmasq 1564 root mem REG 8,2 22936 2239012 /usr/lib/libmnl.so.0.2.0 dnsmasq 1564 root mem REG 8,2 26376 2754623 /usr/lib/libnfnetlink.so.0.2.0 dnsmasq 1564 root mem REG 8,2 143432 93498 /usr/lib/libpthread-2.24.so dnsmasq 1564 root mem REG 8,2 1951744 93527 /usr/lib/libc-2.24.so dnsmasq 1564 root mem REG 8,2 211496 130671 /usr/lib/libidn.so.11.6.16 dnsmasq 1564 root mem REG 8,2 603040 95635 /usr/lib/libgmp.so.10.3.2 dnsmasq 1564 root mem REG 8,2 216776 130733 /usr/lib/libhogweed.so.4.3 dnsmasq 1564 root mem REG 8,2 228600 130737 /usr/lib/libnettle.so.6.3 dnsmasq 1564 root mem REG 8,2 121448 2754627 /usr/lib/libnetfilter_conntrack.so.3.6.0 dnsmasq 1564 root mem REG 8,2 325328 94118 /usr/lib/libdbus-1.so.3.14.10 dnsmasq 1564 root mem REG 8,2 168640 93524 /usr/lib/ld-2.24.so dnsmasq 1564 root mem REG 8,2 217032 422118 /var/db/nscd/group dnsmasq 1564 root mem REG 8,2 553408 128949 /usr/lib/libsystemd.so.0.17.0 dnsmasq 1564 root mem REG 8,2 217032 422117 /var/db/nscd/passwd dnsmasq 1564 root 0u CHR 1,3 0t0 7479 /dev/null dnsmasq 1564 root 1u CHR 1,3 0t0 7479 /dev/null dnsmasq 1564 root 2u CHR 1,3 0t0 7479 /dev/null dnsmasq 1564 root 9w FIFO 0,10 0t0 24834 pipe dnsmasq 1564 root 12r FIFO 0,10 0t0 24838 pipe