Bah, hit send accidentally...wanted to reply, not forward...
On Sat, 2012-03-24 at 18:59 -0400, Mike Burns wrote:
email message attachment ([node-devel] iptables configuration is bad
with bonded network, fails to start Fedora 16), "Forwarded message -
[node-devel] iptables configuration is bad with bonded network, fails
to start Fedora 16"
> -------- Forwarded Message --------
> From: Andrew Wells <agwells0714(a)gmail.com>
> To: node-devel(a)ovirt.org
> Subject: [node-devel] iptables configuration is bad with bonded
> network, fails to start Fedora 16
> Date: Sat, 24 Mar 2012 17:28:19 -0400
>
> when I start with fedora 16 with vdsm installed, the iptables
> configuration is generated but iptables does not start. I am using
> the stable ovirt-engine.repo
>
>
> [root@node1 ~]# service iptables status
> Redirecting to /bin/systemctl status iptables.service
> iptables.service - IPv4 firewall with iptables
> Loaded: loaded
> (/lib/systemd/system/iptables.service; enabled)
> Active: failed since Sat, 24 Mar 2012
> 15:36:49 -0400; 1h 40min ago
> Main PID: 895 (code=exited,
> status=1/FAILURE)
> CGroup:
> name=systemd:/system/iptables.service
>
>
>
>
>
>
> [root@node1 ~]# cat /etc/sysconfig/iptables
> # oVirt default firewall configuration. Automatically
> generated by vdsm bootstrap script.
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> -A INPUT -p icmp -j ACCEPT
> -A INPUT -i lo -j ACCEPT
> # vdsm
> -A INPUT -p tcp --dport 54321 -j ACCEPT
> # libvirt tls
> -A INPUT -p tcp --dport 16514 -j ACCEPT
> # SSH
> -A INPUT -p tcp --dport 22 -j ACCEPT
> # guest consoles
> -A INPUT -p tcp -m multiport --dports 5634:6166 -j ACCEPT
> # migration
> -A INPUT -p tcp -m multiport --dports 49152:49216 -j ACCEPT
> # snmp
> -A INPUT -p udp --dport 161 -j ACCEPT
> # Reject any other input traffic
> -A INPUT -j REJECT --reject-with icmp-host-prohibited
> -A FORWARD -m physdev ! --physdev-is-bridged -j REJECT
> --reject-with icmp-host-prohibited
> COMMIT
> _______________________________________________
> node-devel mailing list
> node-devel(a)ovirt.org
>
http://lists.ovirt.org/mailman/listinfo/node-devel
_______________________________________________
Users mailing list
Users(a)ovirt.org
http://lists.ovirt.org/mailman/listinfo/users