Firewall preventing Multipass to work

Hi @saviq,

I am having the similar issue. The only different is I have the firewall iptables enable.
When I disable the firewall everything is working.
However I would like to have the firewall enable and let multipass to work.
Do you know what are the ports that I need to enable so that multipass could work?

I am using edge version.
multipass 1.7.0-dev.391+g45149f2a
multipassd 1.7.0-dev.391+g45149f2a

Below are some errors I manage to find:

/[2021-04-13T06:55:44.330] [warning] [Qt] QProcess: Destroyed while process (“qemu-system-x86_64”) is still running.
/[2021-04-13T06:56:14.363] [debug] [ystem-x86_64 -nographic -dump-vmstate /tmp/multipassd.yeaKAc] [127067] started: qemu-system-x86_64 -nographic -dump-vmstate /tmp/multipassd.yeaKAc
/[2021-04-13T06:56:14.410] [debug] [daemon] Applying AppArmor policy: multipass.test.qemu-system-x86_64
|E0413 06:56:44.441124225 127017 ssl_transport_security.cc:510] Corruption detected.
E0413 06:56:44.441234594 127017 ssl_transport_security.cc:486] error:1408F119:SSL routines:ssl3_get_record:decryption failed or bad record mac
E0413 06:56:44.441259923 127017 secure_endpoint.cc:208] Decryption error: TSI_DATA_CORRUPTED
start failed: Stream removed with error SSL_ERROR_SYSCALL.

Thanks in advance.

Hi @jujupc, you need to let traffic from the mpqemubr0 through.

Multipass does set legacy iptables rules up, but we’ve not yet migrated to netfilter, which is what may be tripping your firewall.

Have a look at this issue for some pointers. If you replicate those rules in your firewall, you should be good again.