From 9cb5204fecb5384ee08c40dde45f3f99b29016f8 Mon Sep 17 00:00:00 2001
From: Yannik Schmidt <sheppy@atlantishq.de>
Date: Fri, 24 Oct 2025 18:05:16 +0200
Subject: [PATCH] add: qemu iptables hook

---
 helper_scripts/qemu-hooks/qemu | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 helper_scripts/qemu-hooks/qemu

diff --git a/helper_scripts/qemu-hooks/qemu b/helper_scripts/qemu-hooks/qemu
new file mode 100644
index 0000000..97d741a
--- /dev/null
+++ b/helper_scripts/qemu-hooks/qemu
@@ -0,0 +1,12 @@
+#!/bin/bash
+if [[ "$2" == "started" ]]; then
+
+    /usr/sbin/iptables -I LIBVIRT_FWI 1 -o virbr0 -i atlantishq  -d 192.168.123.0/24 -j ACCEPT
+    /usr/sbin/iptables -I LIBVIRT_FWI 1 -o virbr0 -i at_helsinki -d 192.168.123.0/24 -j ACCEPT
+    /usr/sbin/iptables -I LIBVIRT_FWI 1 -o virbr0 -i hc_worker_1 -d 192.168.123.0/24 -j ACCEPT
+
+    /usr/sbin/iptables -I LIBVIRT_FWO 1 -i virbr0 -s 192.168.123.0/24 -o atlantishq  -j ACCEPT
+    /usr/sbin/iptables -I LIBVIRT_FWO 1 -i virbr0 -s 192.168.123.0/24 -o hc_worker_1 -j ACCEPT
+    /usr/sbin/iptables -I LIBVIRT_FWO 1 -i virbr0 -s 192.168.123.0/24 -o at_helsinki -j ACCEPT
+
+fi