CentOS 8.x LIBVIRT disable

Discussion in 'Installation/Configuration' started by jnewman67, Apr 10, 2024.

  1. jnewman67

    jnewman67 Active Member HowtoForge Supporter

    I've had a CentOS 8.x install for years, and the libvirt virtualization has been on since day 1, but I never cared, because I didn't use it, and the client wasn't installed, so it really didn't affect anything. But the LIBVIRT chains in iptables were finally getting in the way, so I decided to disable libvirt and remove the chains. Just going to document that process because I'll probably need it later :)
    NOTE: The system was a minimal install that then followed "The Perfect Server – CentOS 8 with Apache, Postfix, Dovecot, Pure-FTPD, BIND and ISPConfig 3.2" guide from this site for the rest of the config/build.
    stop/disable libvirt
    Code:
    systemctl stop libvirtd
    systemctl stop libvirtd.socket
    systemctl stop libvirtd-ro.socket
    systemctl stop libvirtd-admin.socket
    systemctl disable libvirtd
    systemctl disable libvirtd.socket
    systemctl disable libvirtd-ro.socket
    systemctl disable libvirtd-admin.socket
    
    remove the iptable chains
    Code:
    # flush all the rules in each chain so it can be deleted
    iptables -F LIBVIRT_INP
    iptables -F LIBVIRT_OUT
    iptables -F LIBVIRT_FWI
    iptables -F LIBVIRT_FWO
    iptables -F LIBVIRT_FWX
    
    # remove the LIBVIRT_FWX rule from the FORWARD chain; replace RULENUM with your rule number
    # (run "iptables -L FORWARD -n --line-numbers | grep LIB" to find it)
    iptables -D FORWARD RULENUM
    # same for the LIBVIRT_FWI rule
    iptables -D FORWARD RULENUM
    # same for the LIBVIRT_FWO rule
    iptables -D FORWARD RULENUM
    iptables -X LIBVIRT_FWI
    iptables -X LIBVIRT_FWO
    iptables -X LIBVIRT_FWX
    
    # remove the LIBVIRT_INP rule from the INPUT chain
    # (run "iptables -L INPUT -n --line-numbers | grep LIB" to find your rule number)
    iptables -D INPUT RULENUM
    iptables -X LIBVIRT_INP
    
    # remove the LIBVIRT_OUT rule from the OUTPUT chain
    # (run "iptables -L OUTPUT -n --line-numbers | grep LIB" to find your rule number)
    iptables -D OUTPUT RULENUM
    iptables -X LIBVIRT_OUT
    
    # save the current iptables ruleset to a file
    service iptables save
    # or
    iptables-save > /etc/sysconfig/iptables
    
    # find and delete all entries that reference LIBVIRT (my config had LIBVIRT_PRT references
    # remaining that I could not see/access/delete through the iptables command line interface)
    vi /etc/sysconfig/iptables
    
    Code:
    # restart and reload the new iptables rules (or: service iptables restart)
    systemctl restart iptables.service
    # then I saved them again to make sure the saved format was correct
    
     
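Added example, not part of the original post: a shell function that reads an `iptables-save` dump and prints the `iptables` commands that remove libvirt's chains from every table, deleting the jump rules by rule spec instead of by rule number. It covers the nat table as well as filter, since plain `iptables -L` lists only the filter table and libvirt keeps LIBVIRT_PRT elsewhere; the function name and the sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes plain iptables-save output
# without -c counters in front of rules, and libvirt's LIBVIRT_* chain names.

# stdin: iptables-save dump; stdout: commands that remove the libvirt chains.
libvirt_cleanup_cmds() {
    awk '
        /^\*/ { table = substr($0, 2); next }   # "*nat" sets the current table
        /^:LIBVIRT_/ {                          # chain declared in this table
            chain = substr($1, 2)
            fcmd[++n] = "iptables -t " table " -F " chain
            xcmd[n]   = "iptables -t " table " -X " chain
            next
        }
        # Jump into a libvirt chain from another chain: delete it by rule
        # spec, so no rule numbers are needed.
        /^-A / && $2 !~ /^LIBVIRT_/ && / -j LIBVIRT_/ {
            sub(/^-A /, "-D ")
            print "iptables -t " table " " $0
        }
        END {   # flush every chain first, then delete the empty chains
            for (i = 1; i <= n; i++) print fcmd[i]
            for (i = 1; i <= n; i++) print xcmd[i]
        }
    '
}

# Constructed sample dump, shaped like a host with libvirt's default network.
sample_dump() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
:LIBVIRT_PRT - [0:0]
-A POSTROUTING -j LIBVIRT_PRT
-A LIBVIRT_PRT -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:LIBVIRT_INP - [0:0]
:LIBVIRT_FWX - [0:0]
-A INPUT -j LIBVIRT_INP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -j LIBVIRT_FWX
-A LIBVIRT_INP -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
COMMIT
EOF
}
sample_dump | libvirt_cleanup_cmds   # prints the commands; it runs none of them
```

On a live host, pipe `iptables-save` into the function and review the printed commands before running them.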
  2. lukafred

    lukafred New Member

    Hi,

    I am new to CentOS and use it as a desktop workstation. After install, I realized that two network devices were created that I am not familiar with:
    virbr0
    virbr0-nic

    Which process/service is creating them? It seems that some masquerading from this device via my normal ethernet is enabled. So I assume they must be some virtual devices, however I am not aware that I installed any software that would do that.

    How can I remove this device and disable it?
     
    Last edited: Jun 1, 2024
  3. jnewman67

    jnewman67 Active Member HowtoForge Supporter

    https://unix.stackexchange.com/questions/523245/whats-the-function-of-virbr0-and-virbr0-nic
    Code:
    When you install the libvirt service, it creates virbr0 automatically; it is a virtual network switch.
    All the virtual machines connect to virbr0.
    By default, virbr0 uses NAT mode and can provide Internet access through NAT. By default, virbr0 is assigned the address 192.168.122.1, and it can provide DHCP service for other virtual interfaces connected to it.
    
    That was a quick Google search, I know nothing else about it, and on my particular server, it was not installed.
     
