>From what I've noticed /etc/sysconfig/iptables is only touched by ovirt when it does the initial install or upgrade. My iptables rules have been happily running for months..
ICMP returning an error/blocked message believe it's the last line in the iptables config file which ovirt configures in the initial install. On Wed, Oct 2, 2013 at 5:40 PM, Sven Kieske <[email protected]> wrote: > Hi, > > no, this is _no_ all in one installation, as was clearly stated in my > first messsage. > I do not try to run VMs on the management node. > > Maybe I should rearrange my question: > > What is the recommended way of adding additional iptables rules on the > management node? We need to make sure our additional rules do not get > overwritten by ovirt. > > Can you just append rules to /etc/sysconfig/iptables > or does this file get overwritten under any circumstances from this > "vdsm bootstrap script" or any other ovirt related component? > > Thanks > > Sven > > > > > On 02/10/13 09:14, Yedidyah Bar David wrote: > > Hi, > > > > ----- Original Message ----- > >> From: "Sven Kieske" <[email protected]> > >> To: "oVirt Users ML" <[email protected]> > >> Sent: Wednesday, October 2, 2013 9:58:43 AM > >> Subject: Re: [Users] iptables settings/scripts ovirt 3.3 > >> > >> Hi, > >> > >> thanks for your answer on list, Russ. > >> But I still don't know which mechanism(s?) do(es) > >> change firewall settings on the oVirt Management Node? > > > > Do you have on the management node also VDSM? The allinone plugin? > > Is that intended? You need it if you want to run VMs on it. VDSM > > manages networking on nodes (hypervisors), which includes the management > > node if you have chosen so during setup. > > > > Regards, > > > _______________________________________________ > Users mailing list > [email protected] > http://lists.ovirt.org/mailman/listinfo/users >
_______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
