On Fri, Mar 18, 2016 at 5:17 AM, Akram Ben Aissi <[email protected]> wrote:
> Hi guys,
>
> I have a containerized installation of Origin, and I was struggling with
> an issue which prevents any of my containers from succeeding in doing a DNS
> query through the Kubernetes embedded DNS.
>
> I figured out that I had a missing iptables rule in my setup, which may have
> disappeared or not been automatically set. So I added these two, and it works
> (even if probably not optimally secure):
>
> iptables -A IN_public_allow -p udp -m udp --dport 53 -j ACCEPT
> iptables -A IN_public_allow -p tcp -m tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
>

We don't add anything to the IN_public_allow chain; this actually looks like firewalld and not iptables. All rules that we add (with the exception of a jump rule to the chain we create) are added to the OS_FIREWALL_ALLOW chain.

> Do you know where this may come from?
> If I take a look at a non-containerised installation, running in
> Enterprise version, I have these rules set.
>
> Greetings
>
> _______________________________________________
> dev mailing list
> [email protected]
> http://lists.openshift.redhat.com/openshiftmm/listinfo/dev

--
Jason DeTiberus
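To see which component owns the DNS accept rules discussed in this thread, the following added example (not part of either message and not OpenShift code) classifies port 53 ACCEPT rules from `iptables -S` output by chain. It assumes firewalld's `IN_<zone>_allow` chain naming and the `OS_FIREWALL_ALLOW` chain named in the reply; the function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Classify ACCEPT rules for DNS (port 53) by the chain that holds them.
# Input : `iptables -S` style lines on stdin.
# Output: "<owner> <chain> <proto>" for every matching rule.
# Owner mapping (assumption for this example):
#   IN_<zone>_allow   -> firewalld (its per-zone allow chain naming)
#   OS_FIREWALL_ALLOW -> openshift (the chain named in the reply above)
classify_dns_rules() {
    awk '
    $1 == "-A" {
        chain = $2; proto = ""; dport = ""; target = ""
        # Walk the rule tokens and pick up protocol, port and target.
        for (i = 3; i <= NF; i++) {
            if ($i == "-p")      proto  = $(i + 1)
            if ($i == "--dport") dport  = $(i + 1)
            if ($i == "-j")      target = $(i + 1)
        }
        # Only rules that actually accept traffic to port 53 are reported.
        if (dport != "53" || target != "ACCEPT") next
        if (chain ~ /^IN_.+_allow$/)            owner = "firewalld"
        else if (chain == "OS_FIREWALL_ALLOW") owner = "openshift"
        else                                    owner = "other"
        print owner, chain, proto
    }'
}

# Constructed sample ruleset: the two rules from the original message plus
# a made-up OS_FIREWALL_ALLOW entry. Not captured from a real host.
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-N IN_public_allow
-N OS_FIREWALL_ALLOW
-A INPUT -j OS_FIREWALL_ALLOW
-A IN_public_allow -p udp -m udp --dport 53 -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 53 -m conntrack --ctstate NEW -j ACCEPT
-A OS_FIREWALL_ALLOW -p tcp -m state --state NEW -m tcp --dport 8443 -j ACCEPT
EOF
}

sample_rules | classify_dns_rules
```

On a live host, run `iptables -S | classify_dns_rules` as root; a result showing only `firewalld` lines means the DNS rules sit in a firewalld-managed chain rather than in `OS_FIREWALL_ALLOW`.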
