→Creating Customized Chains
# Issue '''iptables -L -v''' to view your firewall rules for your newly-created chains.
# Attempt to connect to your machine using the external facing address to ensure your rules are working.<br />You should not be able to connect from your Windows machine, and the counters in iptables should show that packets are being caught in your MYICMP and MYSSH chains.<br><br>'''NOTE:''' Your system logs (such as '''/var/log/messages''' or, when using customized chains, the output of the command '''journalctl --dmesg | grep MYSSH''') should also show the failed attempts to '''ssh''' to your machine, along with your '''customized''' message.
# When you are confident the rules are working, save them by running <source>iptables-save > /etc/sysconfig/iptables</source><br />('''Note:''' ''this should not include the rules from the virtual network. They will always be added automatically when libvirtd starts.'')
# Now start libvirtd again, and test that your firewall still allows the VMs to connect to the host and each other (ping and ssh). Do not continue until it works.
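
The counter check from the steps above, as an added example that is not part of the original lab page: a small parser that sums the pkts column for one chain in <code>iptables -L -v</code> output, including the K/M/G abbreviations iptables uses for large counters. The sample output and its rule bodies are constructed for illustration; <code>sample_output</code> and <code>chain_pkts</code> are hypothetical helper names.

```shell
#!/bin/sh
# Constructed sample of `iptables -L -v` output (rule bodies are assumptions).
sample_output() {
cat <<'EOF'
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
 105K   88M ACCEPT     all  --  any    any     anywhere             anywhere             state RELATED,ESTABLISHED
    4   240 MYICMP     icmp --  any    any     anywhere             anywhere
    3   180 MYSSH      tcp  --  any    any     anywhere             anywhere             tcp dpt:ssh

Chain MYICMP (1 references)
 pkts bytes target     prot opt in     out     source               destination
    4   240 DROP       icmp --  any    any     anywhere             anywhere

Chain MYSSH (1 references)
 pkts bytes target     prot opt in     out     source               destination
    3   180 LOG        tcp  --  any    any     anywhere             anywhere             LOG level warning prefix "MYSSH: "
    3   180 DROP       tcp  --  any    any     anywhere             anywhere
EOF
}

# chain_pkts CHAIN: sum the pkts column of CHAIN's rules read from stdin.
# Exits 2 (printing nothing) if the chain is absent from the listing.
chain_pkts() {
    awk -v chain="$1" '
        # iptables abbreviates large counters with K/M/G (powers of 1000).
        function expand(n,   s, v) {
            s = substr(n, length(n)); v = n + 0
            if (s == "K") return v * 1000
            if (s == "M") return v * 1000000
            if (s == "G") return v * 1000000000
            return v
        }
        $1 == "Chain" { in_chain = ($2 == chain); if (in_chain) found = 1; next }
        in_chain && $1 ~ /^[0-9]+[KMG]?$/ { total += expand($1) }
        END { if (!found) exit 2; printf "%.0f\n", total }
    '
}

# Demo on the sample; on the lab host use: iptables -L -v | chain_pkts MYSSH
for c in MYICMP MYSSH; do
    if n=$(sample_output | chain_pkts "$c") && [ "$n" -gt 0 ]; then
        echo "OK   $c caught packets (rule hits: $n)"
    else
        echo "FAIL $c missing or has zero counters"
    fi
done
```

A chain with several rules (here LOG followed by DROP) counts each packet once per rule it hits, so the sum is a count of rule hits, not of distinct packets.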