Those rules should not block the "ping" comand, hence they are meant to block "http" right?
I have been having the same problem lately with XenServer. The iptables rules that are rejecting my traffic are at the host itself. Can you check your host iptables configs? On Tue, Apr 5, 2016 at 3:42 AM, Syafiq Rokman <msyafiq.rok...@gmail.com> wrote: > Hi, > > Can't ping the default gateway of the SSVM or 8.8.8.8 from the SSVM. > I'm using KVM as hypervisor. > > Tried changing iptables rules on SSVM using > > iptables -F > iptables -X > iptables -t nat -F > iptables -t nat -X > iptables -t mangle -F > iptables -t mangle -X > iptables -P INPUT ACCEPT > iptables -P FORWARD ACCEPT > iptables -P OUTPUT ACCEPT > > to allow all connections, but keep getting this at Chain OUTPUT: > > REJECT tcp -- anywhere anywhere state NEW tcp > dpt:http reject-with icmp-port-unreachable > REJECT tcp -- anywhere anywhere state NEW tcp > dpt:https reject-with icmp-port-unreachable > > > > On Mon, Apr 4, 2016 at 6:49 PM Rafael Weingärtner < > rafaelweingart...@gmail.com> wrote: > > > What hypervisor are you using? > > Did change the iptables rules at the SSVM itself? > > > > On Mon, Apr 4, 2016 at 6:50 AM, Glenn Wagner <glenn.wag...@shapeblue.com > > > > wrote: > > > > > Hi, > > > > > > Can you ping the default gateway of the SSVM? > > > Can you ping google DNS 8.8.8.8 from the SSVM? > > > > > > Thanks > > > Glenn > > > > > > > > > Regards, > > > > > > Glenn Wagner > > > > > > glenn.wag...@shapeblue.com > > > www.shapeblue.com > > > 2nd Floor, Oudehuis Centre, 122 Main Rd, Somerset West, Cape Town > > > 7130South Africa > > > @shapeblue > > > > > > -----Original Message----- > > > From: Syafiq Rokman [mailto:msyafiq.rok...@gmail.com] > > > Sent: Monday, 04 April 2016 11:16 AM > > > To: users@cloudstack.apache.org > > > Subject: SSVM cant route to MS, Iptables keep self-updating > > > > > > Hi everyone! > > > > > > Im running CS 4.8 on Ubuntu 14.04 LTS. > > > > > > So I've managed to set up everything, but I still cant install > templates. > > > So I SSH-ed into the SSVM and ran the healthcheck and it seems that the > > > SSVM can't connect to the DNS. > > > > > > Logs says that it can't route to host. > > > > > > So I've tried to allow all outgoing/incoming connections on Iptables, > but > > > it keeps changing back to deny outgoing connections. > > > > > > Any ideas on how to proceed? > > > > > > Will provide logs if anyone needs it. > > > > > > Thanks > > > Syafiq Rokman > > > B.ICT Student > > > > > > > > > > > -- > > Rafael Weingärtner > > > -- Rafael Weingärtner
