每次新增 DHCP IP 时都会多出一条 iptables 规则,影响其他 IP 的正常使用;这里使用 libvirt hooks 直接恢复已保存的规则。

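# Install one identical libvirt hook script per driver. Each hook ignores its
# arguments and, every time it is invoked, reloads the saved ruleset and then
# opens the FORWARD chain.
#
# Security notes on what the generated hook does:
#   - iptables-restore (without -n) flushes every table listed in
#     /etc/sysconfig/iptables before loading it, so rules added to those
#     tables at runtime (by libvirt or anything else) are discarded.
#   - "iptables -I FORWARD -j ACCEPT" inserts an unconditional ACCEPT at the
#     top of FORWARD: all forwarded traffic is allowed and no later FORWARD
#     rule is ever evaluated. If this host forwards for anything besides the
#     guests, narrow the rule (e.g. -i/-o <bridge> or -s <guest-subnet>).
#   - libvirtd normally runs as root, so these hooks do too; they must stay
#     writable by root only.

# -p: do not fail when the directory already exists (re-running the snippet).
mkdir -p /etc/libvirt/hooks

for hook in daemon qemu lxc libxl network; do
  # Quoted delimiter: the hook text is written literally, with no expansion.
  cat > "/etc/libvirt/hooks/$hook" <<'EOF'
#!/bin/sh
iptables-restore < /etc/sysconfig/iptables
iptables -I FORWARD -j ACCEPT
EOF
  # Explicit mode rather than +x, so the result does not depend on the
  # current umask and the hook is never group- or world-writable.
  chmod 0755 "/etc/libvirt/hooks/$hook"
done

# libvirtd looks for hook scripts when it starts, so restart it to pick up
# the new files.
service libvirtd restart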