Hi,
this config was already in /etc/sysconfig/iptables (you forget some
empty lines, but the rest is identical), here is the outcome:
service iptables stop
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: nat filter mangl[ OK ]
iptables: Unloading modules: [ OK ]
[root@vroot4 ~]# service iptables start
iptables: Applying firewall rules: [ OK ]
[root@vroot4 ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTABLISHED
2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
3 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:54321
4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:22
5 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:161
6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:16514
7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
multiport dports 5634:6166
8 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
multiport dports 49152:49216
9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:24007
10 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:111
11 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:38465
12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:38466
13 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:38467
14 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:39543
15 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:55863
16 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:38468
17 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp
dpt:963
18 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:965
19 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:4379
20 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:139
21 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpt:445
22 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
dpts:24009:24108
23 REJECT all -- 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all -- 0.0.0.0/0 0.0.0.0/0
PHYSDEV match ! --physdev-is-bridged reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
So there is no error, reloading it by hand.
I tried to then add the host again via webadmin, and it succeeds.
So I really don't know what the problem was :(
On 17.10.2013 17:52, Alon Bar-Lev wrote:
>
>
> ----- Original Message -----
>>
>> On 17.10.2013 16:15, Alon Bar-Lev wrote:
>>> Please send the entire host-deploy log so I can see what iptables rules are
>>> there.
>>>
>>