[jira] [Created] (CLOUDSTACK-6820) VPC router ICMP acl

Thijs Houtenbos (JIRA) Mon, 02 Jun 2014 01:21:17 -0700

Thijs Houtenbos created CLOUDSTACK-6820:
-------------------------------------------


             Summary: VPC router ICMP acl
                 Key: CLOUDSTACK-6820
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6820
             Project: CloudStack
          Issue Type: Improvement
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Virtual Router
    Affects Versions: 4.3.0
            Reporter: Thijs Houtenbos
            Priority: Minor


There is a default allow icmp any any on the VPC router vm which cannot be 
controlled with the network ACLs. This makes it impossible to block certain 
icmp traffic.

root@r-4135-VM:~# iptables -L -v | grep icmp
10784  901K ACCEPT     icmp --  any    any     anywhere             anywhere



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Created] (CLOUDSTACK-6820) VPC router ICMP acl

Reply via email to