What about this?
Can you check whether it is true or false?
What about this?
Unfortunately I do not receive any output
$ lxc network get lxdbr0 ipv4.firewall
while I get an output for NAT
$ sudo lxc network get lxdbr0 ipv4.nat
true
If you don't get any output, that means the default value is used, which is True.
So this means there is a command to add the lxc iptables rules afterwards?
Yep, you can test this.
lxc network set lxdbr0 ipv4.firewall False
If I understand the command correctly, the ipv4.firewall command autogenerates the iptables firewall when lxc is installed. For me the ipv4.firewall looks more like a setting.
What I would like to find is a command that forces the autogeneration of the lxc firewall rules when I execute the command for the current iptables ruleset.
If you set the ipv4.firewall setting to false, that means you switch off the lxd firewall rule autogeneration. So if you prevent the dhcp communication with the lxd containers, it doesn't get the IP address from the pool.
But the iptables rule is an allow rule, not a deny rule, which means when I switch off the autogeneration it will not generate the allow rule and it will therefore be denied. This would be the opposite of what I would like to achieve.
The case is a no-IPv4 issue, so I just mentioned that there is an option in the lxd firewall generation. In your case, why don't you disable lxd iptables autogeneration and define your own iptables rules to overcome that barrier? Somehow the container can't reach the host dhcp server, I suppose.
When this next occurs, please can you provide output of:
sudo nft list ruleset (if this runs)
sudo ss -ulpn
Also please can you advise if you have Docker installed on the host?