Apologies for the unnecessary thread, but I solved it. For anyone facing the same issue, apparently, the firewall cli tool (firewall-cmd) is the default front-end for nftables as compared to the legacy iptables. However, the virtual machines still honor the rules of iptables, so changing any firewall rules will have no effect.
So I solved using the following steps:
- Set
FirewallBackend=iptablesin/etc/firewalld/firewalld.conf. - Restart the firewall:
sudo systemctl restart firewalld.
Now, try starting the VM and if internet access still does not work, then make sure that IP forwarding is allowed for your host machine and set firewall rule:
- Get zone:
sudo firewall-cmd --get-active-zones. - Select the zone which has the default NAT interface (created by libvirt), which in my case was
virbr0. - Set IP forwarding accordingly:
sudo firewall-cmd --add-forward --zone=[SELECTED ZONE HERE] --permanent