----- Original Message ----- > From: "Arman Khalatyan" <[email protected]> > To: "Alon Bar-Lev" <[email protected]> > Cc: "users" <[email protected]> > Sent: Wednesday, November 26, 2014 12:50:41 PM > Subject: Re: [ovirt-users] what should be the output of the default iptables > rules? > > Thanks! > So As I undertand it correctly the @CUSTOM_RULES@ will be overridden by > engine-config --set IPTablesConfigSiteCustom=""?
yes, and also th virt and gluster hanks. > > *********************************************************** > > Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für > Astrophysik Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam, Germany > > *********************************************************** > > > On Wed, Nov 26, 2014 at 11:24 AM, Alon Bar-Lev <[email protected]> wrote: > > > You can look within > > /usr/share/ovirt-engine/dbscripts/upgrade/pre_upgrade/0000_config.sql for > > last instance of the value you seek (in most cases). > > > > IPTablesConfig: > > --- > > # oVirt default firewall configuration. Automatically generated by vdsm > > bootstrap script. > > *filter > > :INPUT ACCEPT [0:0] > > :FORWARD ACCEPT [0:0] > > :OUTPUT ACCEPT [0:0] > > -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT > > -A INPUT -p icmp -j ACCEPT > > -A INPUT -i lo -j ACCEPT > > # vdsm > > -A INPUT -p tcp --dport @VDSM_PORT@ -j ACCEPT > > # SSH > > -A INPUT -p tcp --dport @SSH_PORT@ -j ACCEPT > > # snmp > > -A INPUT -p udp --dport 161 -j ACCEPT > > > > @CUSTOM_RULES@ > > > > # Reject any other input traffic > > -A INPUT -j REJECT --reject-with icmp-host-prohibited > > -A FORWARD -m physdev ! --physdev-is-bridged -j REJECT --reject-with > > icmp-host-prohibited > > COMMIT > > --- > > > > ----- Original Message ----- > > > From: "Arman Khalatyan" <[email protected]> > > > To: "Alon Bar-Lev" <[email protected]> > > > Cc: "users" <[email protected]> > > > Sent: Wednesday, November 26, 2014 12:17:18 PM > > > Subject: Re: [ovirt-users] what should be the output of the default > > iptables rules? > > > > > > Sorry forgot to mention: > > > Centos 6.6 ovirt 3.5.x, glusterfs 3.6.x, Storage type is iscsi > > > > > > *********************************************************** > > > > > > Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für > > > Astrophysik Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam, Germany > > > > > > *********************************************************** > > > > > > > > > On Wed, Nov 26, 2014 at 11:13 AM, Alon Bar-Lev <[email protected]> > > wrote: > > > > > > > > > > > What version do you use? > > > > > > > > ----- Original Message ----- > > > > > From: "Arman Khalatyan" <[email protected]> > > > > > To: "users" <[email protected]> > > > > > Sent: Wednesday, November 26, 2014 12:00:10 PM > > > > > Subject: [ovirt-users] what should be the output of the default > > > > iptables rules? > > > > > > > > > > Hello, > > > > > I was playing with custom iptables rules and something went wrong. > > > > > Now my engine-config -g IPTablesConfig is empty. > > > > > > > > > > Can some one please give a hint what should be there??:) > > > > > > > > > > Thanks, > > > > > Arman. > > > > > > > > > > *********************************************************** > > > > > Dr. Arman Khalatyan eScience -SuperComputing Leibniz-Institut für > > > > Astrophysik > > > > > Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam, Germany > > > > > *********************************************************** > > > > > > > > > > _______________________________________________ > > > > > Users mailing list > > > > > [email protected] > > > > > http://lists.ovirt.org/mailman/listinfo/users > > > > > > > > > > > > > > > _______________________________________________ Users mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/users
