<div dir="ltr">Thank you everything is green after re-install.<br></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><pre cols="72"><span><pre cols="72">***********************************************************</pre></span> Dr. Arman Khalatyan eScience -SuperComputing
Leibniz-Institut für Astrophysik Potsdam (AIP)
An der Sternwarte 16, 14482 Potsdam, Germany <br><span><pre cols="72">***********************************************************<br></pre></span></pre>
</div></div></div>
<br><div class="gmail_quote">On Wed, Nov 26, 2014 at 3:22 PM, Alon Bar-Lev <span dir="ltr"><<a href="mailto:alonbl@redhat.com" target="_blank">alonbl@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class=""><br>
<br>
----- Original Message -----<br>
> From: "Arman Khalatyan" <<a href="mailto:arm2arm@gmail.com">arm2arm@gmail.com</a>><br>
> To: "Alon Bar-Lev" <<a href="mailto:alonbl@redhat.com">alonbl@redhat.com</a>><br>
> Cc: "users" <<a href="mailto:users@ovirt.org">users@ovirt.org</a>><br>
</span><span class="">> Sent: Wednesday, November 26, 2014 12:50:41 PM<br>
> Subject: Re: [ovirt-users] what should be the output of the default iptables rules?<br>
><br>
</span><span class="">> Thanks!<br>
> So As I undertand it correctly the @CUSTOM_RULES@ will be overridden by<br>
> engine-config --set IPTablesConfigSiteCustom=""?<br>
<br>
</span>yes, and also th virt and gluster hanks.<br>
<div class="HOEnZb"><div class="h5"><br>
><br>
> ***********************************************************<br>
><br>
> Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für<br>
> Astrophysik Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam, Germany<br>
><br>
> ***********************************************************<br>
><br>
><br>
> On Wed, Nov 26, 2014 at 11:24 AM, Alon Bar-Lev <<a href="mailto:alonbl@redhat.com">alonbl@redhat.com</a>> wrote:<br>
><br>
> > You can look within<br>
> > /usr/share/ovirt-engine/dbscripts/upgrade/pre_upgrade/0000_config.sql for<br>
> > last instance of the value you seek (in most cases).<br>
> ><br>
> > IPTablesConfig:<br>
> > ---<br>
> > # oVirt default firewall configuration. Automatically generated by vdsm<br>
> > bootstrap script.<br>
> > *filter<br>
> > :INPUT ACCEPT [0:0]<br>
> > :FORWARD ACCEPT [0:0]<br>
> > :OUTPUT ACCEPT [0:0]<br>
> > -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT<br>
> > -A INPUT -p icmp -j ACCEPT<br>
> > -A INPUT -i lo -j ACCEPT<br>
> > # vdsm<br>
> > -A INPUT -p tcp --dport @VDSM_PORT@ -j ACCEPT<br>
> > # SSH<br>
> > -A INPUT -p tcp --dport @SSH_PORT@ -j ACCEPT<br>
> > # snmp<br>
> > -A INPUT -p udp --dport 161 -j ACCEPT<br>
> ><br>
> > @CUSTOM_RULES@<br>
> ><br>
> > # Reject any other input traffic<br>
> > -A INPUT -j REJECT --reject-with icmp-host-prohibited<br>
> > -A FORWARD -m physdev ! --physdev-is-bridged -j REJECT --reject-with<br>
> > icmp-host-prohibited<br>
> > COMMIT<br>
> > ---<br>
> ><br>
> > ----- Original Message -----<br>
> > > From: "Arman Khalatyan" <<a href="mailto:arm2arm@gmail.com">arm2arm@gmail.com</a>><br>
> > > To: "Alon Bar-Lev" <<a href="mailto:alonbl@redhat.com">alonbl@redhat.com</a>><br>
> > > Cc: "users" <<a href="mailto:users@ovirt.org">users@ovirt.org</a>><br>
> > > Sent: Wednesday, November 26, 2014 12:17:18 PM<br>
> > > Subject: Re: [ovirt-users] what should be the output of the default<br>
> > iptables rules?<br>
> > ><br>
> > > Sorry forgot to mention:<br>
> > > Centos 6.6 ovirt 3.5.x, glusterfs 3.6.x, Storage type is iscsi<br>
> > ><br>
> > > ***********************************************************<br>
> > ><br>
> > > Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für<br>
> > > Astrophysik Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam, Germany<br>
> > ><br>
> > > ***********************************************************<br>
> > ><br>
> > ><br>
> > > On Wed, Nov 26, 2014 at 11:13 AM, Alon Bar-Lev <<a href="mailto:alonbl@redhat.com">alonbl@redhat.com</a>><br>
> > wrote:<br>
> > ><br>
> > > ><br>
> > > > What version do you use?<br>
> > > ><br>
> > > > ----- Original Message -----<br>
> > > > > From: "Arman Khalatyan" <<a href="mailto:arm2arm@gmail.com">arm2arm@gmail.com</a>><br>
> > > > > To: "users" <<a href="mailto:users@ovirt.org">users@ovirt.org</a>><br>
> > > > > Sent: Wednesday, November 26, 2014 12:00:10 PM<br>
> > > > > Subject: [ovirt-users] what should be the output of the default<br>
> > > > iptables rules?<br>
> > > > ><br>
> > > > > Hello,<br>
> > > > > I was playing with custom iptables rules and something went wrong.<br>
> > > > > Now my engine-config -g IPTablesConfig is empty.<br>
> > > > ><br>
> > > > > Can some one please give a hint what should be there??:)<br>
> > > > ><br>
> > > > > Thanks,<br>
> > > > > Arman.<br>
> > > > ><br>
> > > > > ***********************************************************<br>
> > > > > Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für<br>
> > > > Astrophysik<br>
> > > > > Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam, Germany<br>
> > > > > ***********************************************************<br>
> > > > ><br>
> > > > > _______________________________________________<br>
> > > > > Users mailing list<br>
> > > > > <a href="mailto:Users@ovirt.org">Users@ovirt.org</a><br>
> > > > > <a href="http://lists.ovirt.org/mailman/listinfo/users" target="_blank">http://lists.ovirt.org/mailman/listinfo/users</a><br>
> > > > ><br>
> > > ><br>
> > ><br>
> ><br>
><br>
</div></div></blockquote></div><br></div>