libvirt: "Failed to initialize a valid firewall backend"
Solution 1
Installing ebtables and dnsmasq seems to fix the problem. Don't forget to restart the libvirtd service.
The commands:
sudo pacman -Syu ebtables dnsmasq
sudo systemctl restart libvirtd
NOTE: do not forget to close and re-open your virt-manager GUI (if you're using one).
EDIT: The original answer suggested also installing firewalld. This doesn't seem to be necessary for many users, and may add an additional unwanted firewall to your system. However if you want to try it, you can add the following commands as well:
sudo pacman -Syu firewalld
sudo systemctl start firewalld
sudo systemctl enable firewalld
sudo systemctl restart libvirtd
Solution 2
This is the error that comes up if libvirtd was started without ebtables and/or dnsmasq installed. If you've got them installed and you're still having this issue, you probably need to restart the libvirtd service:
sudo systemctl restart libvirtd.service
Credit to the comments on the other answer to this question for illuminating this. I'm submitting it as a new and separate answer to the original question because installing and starting firewalld to solve the original problem is liable to cause new problems: once the firewall daemon is running, most of the services you'll want within your virtual machine, including DHCP, will be blocked by default, meaning that your VMs will not be able to reach the network on initialization.
I lost over an hour of my life trying to track down this problem, and tracing it to a firewall I had just enabled was one of the dumbest sources of a bug that I've ever run into. Don't let it take any time from yours.
Related videos on Youtube
02 : 55
03 : 56
00 : 50
03 : 35
02 : 14
![[SOLVED] Fortinet firewall license issue (expired) in EVE-NG 100% working | Fortinet | #fortinet](https://i.ytimg.com/vi/1CS5tD7ljdk/hqdefault.jpg?sqp=-oaymwEcCOADEI4CSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLAqc_2bd2UL5UrC_AJsRggRNX5z7Q)
07 : 14
02 : 17
testandby
Updated on September 18, 2022Comments
-
testandby over 1 year
I'm trying to set up a virtual NAT network device without DHCP for libvirt on an Arch Linux host.
What I have tried:
# virsh net-define network.xml Network default defined from network.xml[
network.xml]:<network> <name>default</name> <bridge name="maas0" /> <forward mode="nat" /> <ip address="10.137.0.1" netmask="255.255.255.0" /> </network>My laptop outputs the following on start-up:
# virsh net-start default error: Failed to start network default error: internal error: Failed to initialize a valid firewall backendAll other threads concerning this topic are talking about upgrading software -- I'm using the most current versions:
$ pacman -Q ebtables dnsmasq libvirt iptables ebtables 2.0.10_4-5 dnsmasq 2.75-1 libvirt 1.3.3-1 iptables 1.4.21-3What could be the reason for that
internal errorand what can I do against? -
pepper_chico over 6 yearsThere's no need to install
firewalld, it's also not listed on ArchLinux wiki, it's just necessary to startebtablesanddnsmasq, withlibvirtd/virtlogdafterwards. -
ThorSummoner over 5 yearsI want to emphasize, restart libvirtd, after installing
ebtablesanddnsmasq -
Alex Oliveira about 5 yearsI confirm there's no need to install
firewalld, as noted by @pepper_chico (comment) and Stuart P. Bentley (other answer). -
Tom Saleeba almost 3 yearsinstallingebtablesfor me meant replacingiptableswithiptables-nftas their packages conflicted. I had nothing configured iniptablesand the change seems to have not broken anything.
