Github user borisroman commented on a diff in the pull request:
https://github.com/apache/cloudstack/pull/765#discussion_r39765711
--- Diff: systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py ---
@@ -414,7 +426,7 @@ def fw_router(self):
self.fw.append(['',
Github user bhaisaab commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-138522855
LGTM
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
Github user asfgit closed the pull request at:
https://github.com/apache/cloudstack/pull/765
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is
Github user wilderrodrigues commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-138529499
Thanks, @bhaisaab !
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not
Github user miguelaferreira commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-138250804
@karuturi Wilder will add marvin test for this PR, I will run that and post
the results
---
If your project is set up for it, you can reply to this email
Github user karuturi commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-138238373
@miguelaferreira @wilderrodrigues waiting for the PR merge :)
---
If your project is set up for it, you can reply to this email and have your
reply appear on
Github user wilderrodrigues commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-138321248
@miguelaferreira @remibergsma @karuturi @DaanHoogland
The test is done!
Results:
Test iptables default INPUT/FORWARD policy on
Github user wilderrodrigues commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-137379240
Thanks for the LGTM and for the new issue, @karuturi. :)
I will push the test today and merge the PR after @miguelaferreira tests it.
Github user karuturi commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-136962555
tested this on Xen 6.5 advanced zone with isolated and VPC. verified that
the default policies are set to drop.
I am not sure if its related to this. But,
Github user wilderrodrigues commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-136951585
I will push a test today to cover the iptables default policies.
Do you need help finding the options on the UI whilst the test gets cooked?
Github user wilderrodrigues commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-137040420
Thanks for testing it, @karuturi, much appreciated!
I'm writing marvin tests for this PR and the other issue (CLOUDSTACK-8759).
Once done, I will
Github user karuturi commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-137048186
Ok. Here is the new issue
https://issues.apache.org/jira/browse/CLOUDSTACK-8795
:+1: for this PR
---
If your project is set up for it, you can reply to
Github user wilderrodrigues commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-136601269
@karuturi @bhaisaab @DaanHoogland @koushik-das
Anyone with some time to have a look at this PR?
Thanks in advance.
Cheers,
Github user miguelaferreira commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-136620086
@wilderrodrigues I'm now testing your PR, but I have a question: how is
SSHing into the VMs testing the default policy is set to DROP?
---
If your project
Github user DaanHoogland commented on a diff in the pull request:
https://github.com/apache/cloudstack/pull/765#discussion_r38396363
--- Diff: systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py ---
@@ -414,7 +426,7 @@ def fw_router(self):
self.fw.append(['',
Github user wilderrodrigues commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-136621356
SSH doesn't test it... I just did to make sure all works as before.
To check the policies to iptables -L --verbose (you will see DROP for INPUT
and
Github user wilderrodrigues commented on a diff in the pull request:
https://github.com/apache/cloudstack/pull/765#discussion_r38404211
--- Diff: systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py ---
@@ -414,7 +426,7 @@ def fw_router(self):
Github user miguelaferreira commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-136621918
ok, that's what I thought.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project
Github user wilderrodrigues commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-136664670
Hi @miguelaferreira
Okay for the Marvin test, but then it will make the thing wait for another
day, at least. Which is fine, but I hope people LGTM
Github user miguelaferreira commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-136625019
@wilderrodrigues wouldn't it be better to have a Marvin test that check the
policy?
Now that I think of it, also a Python unit-test?
---
If your
Github user DaanHoogland commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-136636331
changes look reasonable. have not tested, so I am going to trust
@wilderrodrigues on this but @miguelaferreira his point on an automation sounds
very promising
Github user miguelaferreira commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-136667361
@wilderrodrigues ok for the python unit tests, but I would really like a
marvin test, or al least some way to automate setting up the environment you
Github user wilderrodrigues commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-136354474
Some screenshots:
VMs:
GitHub user wilderrodrigues opened a pull request:
https://github.com/apache/cloudstack/pull/765
CLOUDSTACK-8688 - default policies for INPUT and FORWARD should be seâ¦
â¦t to DROP instead of ACCEPT
- In order to be able to access the routers via the link local
Github user wilderrodrigues commented on the pull request:
https://github.com/apache/cloudstack/pull/765#issuecomment-136363043
VM Life Cycle tests (Advanced Zone)
```
[root@cs1 integration]# nosetests --with-marvin
25 matches
Mail list logo
