[ovirt-users] vdsm ssl errors

Gianluca Cecchi gianluca.cecchi at gmail.com
Thu Oct 13 09:15:55 UTC 2016 

On Thu, Oct 13, 2016 at 11:13 AM, Gianluca Cecchi <gianluca.cecchi at gmail.com
> wrote:

> Il 13/Ott/2016 11:00, "Piotr Kliczewski" <pkliczew at redhat.com> ha scritto:
> >
> > Gianluca,
> >
> > Checking the log it seems that we do not configure firewall:
> >
> > NETWORK/firewalldEnable=bool:'False'
> > NETWORK/iptablesEnable=bool:'False'
> >
> > Please make sure that you reconfigure your firewall to open 54321 port
> or let host deploy to do it for you.
> >
> > Thanks,
> > Piotr
>
> Hi,
> at this moment Ihave:
> On hypervisor iptables service configured and active.
> On engine firewalld service configured and active.
> Do I have to open port 54321 on host?
>
Actually it is already...

root at ovirt01 ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:67
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:67
ACCEPT     all  --  192.168.1.212        0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state
RELATED,ESTABLISHED
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:54321
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:111
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:111
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:161
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:16514
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            multiport
dports 2223
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            multiport
dports 5900:6923
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            multiport
dports 49152:49216
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with
icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            192.168.122.0/24     ctstate
RELATED,ESTABLISHED
ACCEPT     all  --  192.168.122.0/24     0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with
icmp-port-unreachable
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with
icmp-port-unreachable
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            PHYSDEV match
! --physdev-is-bridged reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:68
[root at ovirt01 ~]#
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20161013/1c28d2bc/attachment-0001.html>

More information about the Users mailing list