andrijapanicsb opened a new issue #3192: Security Group rules not applied at 
all for XenServer 6.5 / Advanced Zone
URL: https://github.com/apache/cloudstack/issues/3192
 
 
   <!--
   Verify first that your issue/request is not already reported on GitHub.
   Also test if the latest release and master branch are affected too.
   Always add information AFTER of these HTML comments, but no need to delete 
the comments.
   -->
   
   ##### ISSUE TYPE
   <!-- Pick one below and delete the rest -->
    * Bug Report
    
   
   ##### COMPONENT NAME
   <!--
   Categorize the issue, e.g. API, VR, VPN, UI, etc.
   -->
   ~~~
   Management Server most probably
   ~~~
   
   ##### CLOUDSTACK VERSION
   <!--
   New line separated list of affected versions, commit ID for issues on master 
branch.
   -->
   
   ~~~
   4.11.2, 4.12-RC2/RC3
   ~~~
   
   ##### CONFIGURATION
   <!--
   Information about the configuration if relevant, e.g. basic network, 
advanced networking, etc.  N/A otherwise
   -->
   Advanced Zone with Security Groups enabled, VM deployed inside Shared Network
   
   ##### OS / ENVIRONMENT
   <!--
   Information about the environment if relevant, N/A otherwise
   -->
   Hypervisor: XenServer 6.5(sp1)
   
   ##### SUMMARY
   <!-- Explain the problem/feature briefly -->
   
   Security Group rules (iptable rules) not applied at all on XenServer 6.5 / 
6.5SP1, in Advanced Zone with SG enabled on 4.11+ (FYI: works in 4.9.3 release)
   
   ##### STEPS TO REPRODUCE
   <!--
   For bugs, show exactly how to reproduce the problem, using a minimal 
test-case. Use Screenshots if accurate.
   
   For new features, show how the feature would be used.
   -->
   
   <!-- Paste example playbooks or commands between quotes below -->
   
   - Deploy a VM in a Shared Network with Security Groups (Advanced Zone with 
Security Groups enabled) will result in no rules being applied on the 
Hypervisor side (XenServer 6.5 / 6.5SP1)
   - Edit default Security Group and add a few rules for incoming/outgoing 
traffic
   - On XenServer 6.5 do "iptables -L -n | grep i-2-3-VM" and observe no rules 
for specific ports are present (i-2-3-VM being VM in test; specific ports being 
ports you added to default SG previously) 
   
   
   <!-- You can also paste gist.github.com links for larger files -->
   
   ##### EXPECTED RESULTS
   <!-- What did you expect to happen when running the steps above? -->
   
   ~~~
   Security Group rules (iptable rules) applied properly on XenServer 6.5
   ~~~
   
   ##### ACTUAL RESULTS
   <!-- What actually happened? -->
   
   <!-- Paste verbatim command output between quotes below -->
   ~~~
   no rules applied. cloud.log from XenServer on 4.9.3.1 vs 4.11.2 below 
(confirmed issue also for 4.12-RC2/RC3)
   
   
[4112-logs.txt](https://github.com/apache/cloudstack/files/2893090/4112-logs.txt)
   
[4391-logs.txt](https://github.com/apache/cloudstack/files/2893091/4391-logs.txt)
   ~~~
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

Reply via email to