when I start with fedora 16 with vdsm installed, the iptables configuration is generated but iptables does not start. I am using the stable ovirt-engine.repo<div><br></div><blockquote style="margin:0 0 0 40px;border:none;padding:0px">
<div><div><font face="'courier new', monospace">[root@node1 ~]# service iptables status</font></div></div><div><div><font face="'courier new', monospace">Redirecting to /bin/systemctl status iptables.service</font></div>
</div><blockquote style="margin:0 0 0 40px;border:none;padding:0px"><div><div><font face="'courier new', monospace">iptables.service - IPv4 firewall with iptables</font></div></div></blockquote><blockquote style="margin:0 0 0 40px;border:none;padding:0px">
<div><div><font face="'courier new', monospace"> Loaded: loaded (/lib/systemd/system/iptables.service; enabled)</font></div></div></blockquote><blockquote style="margin:0 0 0 40px;border:none;padding:0px">
<div><div><font face="'courier new', monospace"> Active: failed since Sat, 24 Mar 2012 15:36:49 -0400; 1h 40min ago</font></div></div></blockquote><blockquote style="margin:0 0 0 40px;border:none;padding:0px">
<div><div><font face="'courier new', monospace"> Main PID: 895 (code=exited, status=1/FAILURE)</font></div></div></blockquote><blockquote style="margin:0 0 0 40px;border:none;padding:0px"><div><div><font face="'courier new', monospace"> CGroup: name=systemd:/system/iptables.service</font></div>
</div></blockquote></blockquote><div><br></div><div><br></div><div><br></div><blockquote style="margin:0 0 0 40px;border:none;padding:0px"><div><div><font face="'courier new', monospace">[root@node1 ~]# cat /etc/sysconfig/iptables</font></div>
</div><div><div><font face="'courier new', monospace"># oVirt default firewall configuration. Automatically generated by vdsm bootstrap script.</font></div></div><div><div><font face="'courier new', monospace">*filter</font></div>
</div><div><div><font face="'courier new', monospace">:INPUT ACCEPT [0:0]</font></div></div><div><div><font face="'courier new', monospace">:FORWARD ACCEPT [0:0]</font></div></div><div><div><font face="'courier new', monospace">:OUTPUT ACCEPT [0:0]</font></div>
</div><div><div><font face="'courier new', monospace">-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT</font></div></div><div><div><font face="'courier new', monospace">-A INPUT -p icmp -j ACCEPT</font></div>
</div><div><div><font face="'courier new', monospace">-A INPUT -i lo -j ACCEPT</font></div></div><div><div><font face="'courier new', monospace"># vdsm</font></div></div><div><div><font face="'courier new', monospace">-A INPUT -p tcp --dport 54321 -j ACCEPT</font></div>
</div><div><div><font face="'courier new', monospace"># libvirt tls</font></div></div><div><div><font face="'courier new', monospace">-A INPUT -p tcp --dport 16514 -j ACCEPT</font></div></div><div><div><font face="'courier new', monospace"># SSH</font></div>
</div><div><div><font face="'courier new', monospace">-A INPUT -p tcp --dport 22 -j ACCEPT</font></div></div><div><div><font face="'courier new', monospace"># guest consoles</font></div></div><div><div><font face="'courier new', monospace">-A INPUT -p tcp -m multiport --dports 5634:6166 -j ACCEPT</font></div>
</div><div><div><font face="'courier new', monospace"># migration</font></div></div><div><div><font face="'courier new', monospace">-A INPUT -p tcp -m multiport --dports 49152:49216 -j ACCEPT</font></div>
</div>
<div><div><font face="'courier new', monospace"># snmp</font></div></div><div><div><font face="'courier new', monospace">-A INPUT -p udp --dport 161 -j ACCEPT</font></div></div><div><div><font face="'courier new', monospace"># Reject any other input traffic</font></div>
</div><div><div><font face="'courier new', monospace">-A INPUT -j REJECT --reject-with icmp-host-prohibited</font></div></div><div><div><font face="'courier new', monospace">-A FORWARD -m physdev ! --physdev-is-bridged -j REJECT --reject-with icmp-host-prohibited</font></div>
</div><div><div><font face="'courier new', monospace">COMMIT</font></div></div></blockquote>