----- Original Message -----
From: "Arman Khalatyan" <arm2arm@gmail.com> To: "Alon Bar-Lev" <alonbl@redhat.com> Cc: "users" <users@ovirt.org> Sent: Wednesday, November 26, 2014 12:50:41 PM Subject: Re: [ovirt-users] what should be the output of the default iptables rules?
Thanks! So As I undertand it correctly the @CUSTOM_RULES@ will be overridden by engine-config --set IPTablesConfigSiteCustom=""?
yes, and also th virt and gluster hanks.
***********************************************************
Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für Astrophysik Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam, Germany
***********************************************************
On Wed, Nov 26, 2014 at 11:24 AM, Alon Bar-Lev <alonbl@redhat.com> wrote:
You can look within /usr/share/ovirt-engine/dbscripts/upgrade/pre_upgrade/0000_config.sql for last instance of the value you seek (in most cases).
IPTablesConfig: --- # oVirt default firewall configuration. Automatically generated by vdsm bootstrap script. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT # vdsm -A INPUT -p tcp --dport @VDSM_PORT@ -j ACCEPT # SSH -A INPUT -p tcp --dport @SSH_PORT@ -j ACCEPT # snmp -A INPUT -p udp --dport 161 -j ACCEPT
@CUSTOM_RULES@
# Reject any other input traffic -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -m physdev ! --physdev-is-bridged -j REJECT --reject-with icmp-host-prohibited COMMIT ---
----- Original Message -----
From: "Arman Khalatyan" <arm2arm@gmail.com> To: "Alon Bar-Lev" <alonbl@redhat.com> Cc: "users" <users@ovirt.org> Sent: Wednesday, November 26, 2014 12:17:18 PM Subject: Re: [ovirt-users] what should be the output of the default iptables rules?
Sorry forgot to mention: Centos 6.6 ovirt 3.5.x, glusterfs 3.6.x, Storage type is iscsi
***********************************************************
Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für Astrophysik Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam, Germany
***********************************************************
On Wed, Nov 26, 2014 at 11:13 AM, Alon Bar-Lev <alonbl@redhat.com> wrote:
What version do you use?
----- Original Message -----
From: "Arman Khalatyan" <arm2arm@gmail.com> To: "users" <users@ovirt.org> Sent: Wednesday, November 26, 2014 12:00:10 PM Subject: [ovirt-users] what should be the output of the default iptables rules?
Hello, I was playing with custom iptables rules and something went wrong. Now my engine-config -g IPTablesConfig is empty.
Can some one please give a hint what should be there??:)
Thanks, Arman.
*********************************************************** Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für Astrophysik Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam, Germany ***********************************************************
_______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users