docs: add network driver documentation

Currently documents only FreeBSD/pf specific configuration.

Signed-off-by: Roman Bogorodskiy <bogorodskiy@gmail.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>

diff --git a/docs/drivers.rst b/docs/drivers.rst
index b9dccdf5d2b186f847ce28f8f5ae9c85f877d190..f0d9e9ca3436fd6c7f20c69de3964dc34c7a3d8c 100644 (file)
--- a/docs/drivers.rst
+++ b/docs/drivers.rst
@@ -6,6 +6,7 @@ Internal drivers
 -  `Storage drivers <storage.html>`__
 -  `Node device driver <drvnodedev.html>`__
 -  `Secret driver <drvsecret.html>`__
+-  `Network driver <drvnetwork.html>`__
 
 The libvirt public API delegates its implementation to one or more internal
 drivers, depending on the `connection URI <uri.html>`__ passed when initializing

diff --git a/docs/drvnetwork.rst b/docs/drvnetwork.rst
new file mode 100644 (file)
index 0000000..2308231
--- /dev/null
+++ b/docs/drvnetwork.rst
@@ -0,0 +1,28 @@
+==============
+Network driver
+==============
+
+.. contents::
+
+Platform-specific notes
+=======================
+
+FreeBSD
+-------
+
+FreeBSD netowork driver uses the pf firewall. Libvirt managed pf rules
+are created within anchors. Anchors need to be configured manually by
+the user. Sample ``/etc/pf.conf`` might look like:
+
+::
+
+ scrub all
+
+ nat-anchor "libvirt\*"
+ anchor "libvirt\*"
+
+ pass all
+
+
+Users are not expected to manually modify rules in the ``"libvirt\*"``
+subanchors because the changes will be lost on restart.

diff --git a/docs/meson.build b/docs/meson.build
index 4f8982ee903b764fb31dabb251d462218b21b6b2..2c7c23271be5fef67c706d8e67ab94e3672375dc 100644 (file)
--- a/docs/meson.build
+++ b/docs/meson.build
@@ -49,6 +49,7 @@ docs_rst_files = [
   'drvesx',
   'drvhyperv',
   'drvlxc',
+  'drvnetwork',
   'drvnodedev',
   'drvopenvz',
   'drvqemu',