From what I've noticed /etc/sysconfig/iptables is only touched by ovirt when it does the initial install or upgrade. My iptables rules have been happily running for months..
ICMP returning an error/blocked message believe it's the last line in the iptables config file which ovirt configures in the initial install. On Wed, Oct 2, 2013 at 5:40 PM, Sven Kieske <S.Kieske@mittwald.de> wrote:
Hi,
no, this is _no_ all in one installation, as was clearly stated in my first messsage. I do not try to run VMs on the management node.
Maybe I should rearrange my question:
What is the recommended way of adding additional iptables rules on the management node? We need to make sure our additional rules do not get overwritten by ovirt.
Can you just append rules to /etc/sysconfig/iptables or does this file get overwritten under any circumstances from this "vdsm bootstrap script" or any other ovirt related component?
Thanks
Sven
On 02/10/13 09:14, Yedidyah Bar David wrote:
Hi,
----- Original Message -----
From: "Sven Kieske" <S.Kieske@mittwald.de> To: "oVirt Users ML" <users@ovirt.org> Sent: Wednesday, October 2, 2013 9:58:43 AM Subject: Re: [Users] iptables settings/scripts ovirt 3.3
Hi,
thanks for your answer on list, Russ. But I still don't know which mechanism(s?) do(es) change firewall settings on the oVirt Management Node?
Do you have on the management node also VDSM? The allinone plugin? Is that intended? You need it if you want to run VMs on it. VDSM manages networking on nodes (hypervisors), which includes the management node if you have chosen so during setup.
Regards,
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users