Comment 2 for bug 1928113

Christian Ehrhardt (paelzer) wrote:

Hi Thiago,
the problem is that firewalld isn't in main and thereby not fully supported, which means that libvirt (which is in main) cannot depend on it - see [1] for some details.

Ubuntu's choice for this usually is UFW, but there is no UFW backend for libvirt.

Being on iptables wasn't so much of a discontinuation problem, as iptables nowadays is provided by nftables/ebtables. But firewalld itself no longer wants iptables, that is true.

So the issue here is that today Ubuntu's libvirt can't work with firewalld installed.
To be able to work we'd need to promote firewalld, which might be unwanted for many other reasons.
There might be a way in between if I can manage to get firewalld support built in, in a way that has no runtime dependency on firewalld from any of the packages in main.
But I can't promise this will work out.

I'll give it a try when I merge the next libvirt version, and if it fails we need to reconsider getting firewalld promoted to main. If the latter also would be refused, we'd at least want to make it fail more gracefully, which might be tricky - e.g. a conflicts between libvirtd<->firewalld won't help you at all, and you could have valid use cases for both, just not everything would work.

Hmm, it feels like there is too much uncertainty - I hope I can manage to build it in a non-dependent way because all other options sound lengthy.

[1]: https://wiki.ubuntu.com/MainInclusionProcess