[ovirt-users] what should be the output of the default iptables rules?
Arman Khalatyan
arm2arm at gmail.com
Wed Nov 26 14:37:42 UTC 2014
Thank you everything is green after re-install.
***********************************************************
Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für
Astrophysik Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam, Germany
***********************************************************
On Wed, Nov 26, 2014 at 3:22 PM, Alon Bar-Lev <alonbl at redhat.com> wrote:
>
>
> ----- Original Message -----
> > From: "Arman Khalatyan" <arm2arm at gmail.com>
> > To: "Alon Bar-Lev" <alonbl at redhat.com>
> > Cc: "users" <users at ovirt.org>
> > Sent: Wednesday, November 26, 2014 12:50:41 PM
> > Subject: Re: [ovirt-users] what should be the output of the default
> iptables rules?
> >
> > Thanks!
> > So As I undertand it correctly the @CUSTOM_RULES@ will be overridden by
> > engine-config --set IPTablesConfigSiteCustom=""?
>
> yes, and also th virt and gluster hanks.
>
> >
> > ***********************************************************
> >
> > Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für
> > Astrophysik Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam, Germany
> >
> > ***********************************************************
> >
> >
> > On Wed, Nov 26, 2014 at 11:24 AM, Alon Bar-Lev <alonbl at redhat.com>
> wrote:
> >
> > > You can look within
> > > /usr/share/ovirt-engine/dbscripts/upgrade/pre_upgrade/0000_config.sql
> for
> > > last instance of the value you seek (in most cases).
> > >
> > > IPTablesConfig:
> > > ---
> > > # oVirt default firewall configuration. Automatically generated by vdsm
> > > bootstrap script.
> > > *filter
> > > :INPUT ACCEPT [0:0]
> > > :FORWARD ACCEPT [0:0]
> > > :OUTPUT ACCEPT [0:0]
> > > -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> > > -A INPUT -p icmp -j ACCEPT
> > > -A INPUT -i lo -j ACCEPT
> > > # vdsm
> > > -A INPUT -p tcp --dport @VDSM_PORT@ -j ACCEPT
> > > # SSH
> > > -A INPUT -p tcp --dport @SSH_PORT@ -j ACCEPT
> > > # snmp
> > > -A INPUT -p udp --dport 161 -j ACCEPT
> > >
> > > @CUSTOM_RULES@
> > >
> > > # Reject any other input traffic
> > > -A INPUT -j REJECT --reject-with icmp-host-prohibited
> > > -A FORWARD -m physdev ! --physdev-is-bridged -j REJECT --reject-with
> > > icmp-host-prohibited
> > > COMMIT
> > > ---
> > >
> > > ----- Original Message -----
> > > > From: "Arman Khalatyan" <arm2arm at gmail.com>
> > > > To: "Alon Bar-Lev" <alonbl at redhat.com>
> > > > Cc: "users" <users at ovirt.org>
> > > > Sent: Wednesday, November 26, 2014 12:17:18 PM
> > > > Subject: Re: [ovirt-users] what should be the output of the default
> > > iptables rules?
> > > >
> > > > Sorry forgot to mention:
> > > > Centos 6.6 ovirt 3.5.x, glusterfs 3.6.x, Storage type is iscsi
> > > >
> > > > ***********************************************************
> > > >
> > > > Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für
> > > > Astrophysik Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam,
> Germany
> > > >
> > > > ***********************************************************
> > > >
> > > >
> > > > On Wed, Nov 26, 2014 at 11:13 AM, Alon Bar-Lev <alonbl at redhat.com>
> > > wrote:
> > > >
> > > > >
> > > > > What version do you use?
> > > > >
> > > > > ----- Original Message -----
> > > > > > From: "Arman Khalatyan" <arm2arm at gmail.com>
> > > > > > To: "users" <users at ovirt.org>
> > > > > > Sent: Wednesday, November 26, 2014 12:00:10 PM
> > > > > > Subject: [ovirt-users] what should be the output of the default
> > > > > iptables rules?
> > > > > >
> > > > > > Hello,
> > > > > > I was playing with custom iptables rules and something went
> wrong.
> > > > > > Now my engine-config -g IPTablesConfig is empty.
> > > > > >
> > > > > > Can some one please give a hint what should be there??:)
> > > > > >
> > > > > > Thanks,
> > > > > > Arman.
> > > > > >
> > > > > > ***********************************************************
> > > > > > Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für
> > > > > Astrophysik
> > > > > > Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam, Germany
> > > > > > ***********************************************************
> > > > > >
> > > > > > _______________________________________________
> > > > > > Users mailing list
> > > > > > Users at ovirt.org
> > > > > > http://lists.ovirt.org/mailman/listinfo/users
> > > > > >
> > > > >
> > > >
> > >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20141126/ff698ddc/attachment-0001.html>
More information about the Users
mailing list