[jira] [Updated] (CLOUDSTACK-9761) Custom NW offering with Default Egress policy as " Allow" : new ICMP rule is created as "accept" instead of " DROP"

Mon, 05 Jun 2017 23:28:14 -0700 

     [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9761?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

DeepthiMachiraju updated CLOUDSTACK-9761:
-----------------------------------------
    Labels: pvr  (was: )

> Custom NW offering with Default Egress policy as " Allow" : new ICMP rule is 
> created as "accept" instead of " DROP"
> -------------------------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-9761
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9761
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Virtual Router
>    Affects Versions: 4.9.0.1
>            Reporter: DeepthiMachiraju
>              Labels: pvr
>             Fix For: 4.10.0.0
>
>
> - Create a new network offering say 'nw1' with Default Egress policy as " 
> Allow".
> - deploy a network with the above offering.
> ================================================================================================
> Chain FW_EGRESS_RULES (1 references)
> target     prot opt source               destination
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ================================================================================================
> - on UI , select ICMP protocol and add the rule . 
> ================================================================================================
> Chain FW_EGRESS_RULES (1 references)
> target     prot opt source               destination
> ACCEPT     icmp --  10.1.1.0/24          0.0.0.0/0            icmptype 255
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ================================================================================================
> - tcp/udp rules are added appropriately as drop .
> ================================================================================================
> Chain FW_EGRESS_RULES (1 references)
> target     prot opt source               destination
> DROP       udp  --  10.1.1.0/24          0.0.0.0/0            udp dpts:250:360
> DROP       tcp  --  10.1.1.0/24          0.0.0.0/0            tcp dpts:1:1000
> ACCEPT     icmp --  10.1.1.0/24          0.0.0.0/0            icmptype 255
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ================================================================================================
>  



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to