[jira] [Commented] (CLOUDSTACK-8891) Isolated network VR default iptables rules in INPUT chain are missing

Wed, 23 Sep 2015 05:12:38 -0700 

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8891?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14904407#comment-14904407
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8891:
--------------------------------------------

Github user wido commented on a diff in the pull request:

    https://github.com/apache/cloudstack/pull/867#discussion_r40195834
  
    --- Diff: systemvm/patches/debian/config/opt/cloud/bin/cs/CsNetfilter.py ---
    @@ -116,6 +116,7 @@ def has_chain(self, table, chain):
         def has_rule(self, new_rule):
             for r in self.get():
                 if new_rule == r:
    +                logging.debug("new rule and r are same marking as seen")
    --- End diff --
    
    For somebody else this logline might be very odd to read


> Isolated network VR default iptables rules in INPUT chain are missing
> ---------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-8891
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8891
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Network Controller
>    Affects Versions: 4.6.0
>            Reporter: Jayapal Reddy
>            Assignee: Jayapal Reddy
>             Fix For: 4.6.0
>
>
> Repro steps:
> 1.Create a advance zone setup
> 2. Create a VM in isolated network
> Bug
> VM is not assigned its guest ip as dhcp port in router is not open
> Also dns, http ports missing.
> iptables -L INPUT -nvx
> Chain INPUT (policy DROP 1330 packets, 79806 bytes)
> pkts bytes target prot opt in out source dest ination
> 1616 116814 NETWORK_STATS all – * * 0.0.0.0/0 0. 0.0.0/0
> 0 0 ACCEPT all – * * 0.0.0.0/0 224.0. 0.18
> 0 0 ACCEPT all – * * 0.0.0.0/0 225.0. 0.50
> 0 0 ACCEPT all – eth2 * 0.0.0.0/0 0.0.0. 0/0 state RELATED,ESTABLISHED
> 0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0. 0/0
> 4 730 ACCEPT all – lo * 0.0.0.0/0 0.0.0. 0/0
> 255 34874 ACCEPT tcp – eth1 * 0.0.0.0/0 0.0.0. 0/0 tcp dpt:3922 state 
> NEW,ESTABLISHED
> 0 0 ACCEPT all – * * 0.0.0.0/0 224.0. 0.18
> 0 0 ACCEPT all – * * 0.0.0.0/0 225.0. 0.50
> 0 0 ACCEPT all – eth2 * 0.0.0.0/0 0.0.0. 0/0 state RELATED,ESTABLISHED
> 0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0. 0/0
> 0 0 ACCEPT all – lo * 0.0.0.0/0 0.0.0. 0/0
> 0 0 ACCEPT tcp – eth1 * 0.0.0.0/0 0.0.0. 0/0 tcp dpt:3922 state 
> NEW,ESTABLISHED
> 0 0 ACCEPT all – * * 0.0.0.0/0 224.0. 0.18
> 0 0 ACCEPT all – * * 0.0.0.0/0 225.0. 0.50
> 0 0 ACCEPT all – eth2 * 0.0.0.0/0 0.0.0. 0/0 state RELATED,ESTABLISHED
> 0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0. 0/0
> 0 0 ACCEPT all – lo * 0.0.0.0/0 0.0.0. 0/0
> 0 0 ACCEPT tcp – eth1 * 0.0.0.0/0 0.0.0. 0/0 tcp dpt:3922 state 
> NEW,ESTABLISHED



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to