Hi,
I just compiled CloudStack 4.5.1 on Ubuntu 14.04
I created a Zone using VMware ESX 5.5 as hypervisor
SSVM was deployed from the template I downloaded from the internet
So far so good, now I have the problem that I can't upload ISO files to CS.
On the SSVM I found the following iptable rules:
root@s-6-VM:~# iptables -L -v
Chain INPUT (policy DROP 4 packets, 1002 bytes)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT tcp -- eth2 any anywhere
anywhere state NEW tcp dpt:https
0 0 ACCEPT tcp -- eth2 any anywhere
anywhere state NEW tcp dpt:http
2 120 ACCEPT tcp -- eth1 any anywhere
anywhere state NEW tcp dpt:3922
0 0 ACCEPT all -- eth0 any anywhere
anywhere state RELATED,ESTABLISHED
799 127K ACCEPT all -- eth1 any anywhere
anywhere state RELATED,ESTABLISHED
8 1096 ACCEPT all -- eth2 any anywhere
anywhere state RELATED,ESTABLISHED
0 0 ACCEPT all -- eth3 any anywhere
anywhere state RELATED,ESTABLISHED
4 260 ACCEPT all -- lo any anywhere anywhere
0 0 DROP icmp -- any any anywhere
anywhere icmp timestamp-request
0 0 ACCEPT icmp -- any any anywhere anywhere
0 0 ACCEPT tcp -- eth1 any anywhere
anywhere state NEW tcp dpt:3922
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
Chain OUTPUT (policy ACCEPT 865 packets, 112K bytes)
pkts bytes target prot opt in out source
destination
0 0 REJECT tcp -- any eth1 anywhere
anywhere state NEW tcp dpt:http reject-with
icmp-port-unreachable
0 0 REJECT tcp -- any eth1 anywhere
anywhere state NEW tcp dpt:https reject-with
icmp-port-unreachable
Chain HTTP (0 references)
pkts bytes target prot opt in out source
destination
any ideas how I can get rid of the last 2 lines, or add some more lines to
allow download from certain (e.g.
secstorage.allowed.internal.sites) sources?
Kind regards
Bernhard
