jayapalu commented on issue #2018: CLOUDSTACK-9848: Added exit status checking for the iptables commands URL: https://github.com/apache/cloudstack/pull/2018#issuecomment-299850524 Most of the test failures for because of the hidden bugs in iptables configuration. Please see the below logs from the VR, ACL_INBOUND_eth1 chain is not created. Added rule into this chain got failed. 2017-05-08 11:11:13,546 CsHelper.py execute2:209 Executing: iptables -t filter -I FORWARD -o eth1 -d 10.147.46.0/24 -j ACL_INBOUND_eth1 2017-05-08 11:11:13,551 configure.py main:1031 Exception while configuring router Traceback (most recent call last): File "/opt/cloud/bin/configure.py", line 1015, in main nf.compare(config.get_fw()) File "/opt/cloud/bin/cs/CsNetfilter.py", line 180, in compare raise Exception("iptables command got failed with error: %s " %error) Exception: iptables command got failed with error: ============== # cat /var/log/cloud.log | grep 'ACL_INBOUND_eth1' 2017-05-08 11:11:13,546 CsNetfilter.py compare:159 Checking if the rule already exists: rule={u'-d': u'10.147.46.0/24', u'-o': u'eth1', u'-A': u'FORWARD', u'-j': u'ACL_INBOUND_eth1'} table=filter chain=FORWARD 2017-05-08 11:11:13,546 CsNetfilter.py compare:164 Add: rule=-A FORWARD -o eth1 -d 10.147.46.0/24 -j ACL_INBOUND_eth1 table=filter 2017-05-08 11:11:13,546 CsHelper.py execute2:209 Executing: iptables -t filter -I FORWARD -o eth1 -d 10.147.46.0/24 -j ACL_INBOUND_eth1 root@r-36-QA:~# ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
With regards, Apache Git Services
