On Mon, May 29, 2017 at 1:14 PM, Andrew Dent <ad...@ctcroydon.com.au> wrote: > Hi > > I would like to add rules into the iptables of the Hosted Engine VM in > Ovirt. > I am wanting to monitor the Ovirt Engine using Nagios -> NRPE and I would > like to open port 5666 > > the version is oVirt Engine Version: 4.1.1.8-1.el7.centos > I have tried using the normal process for iptables (iptables-save etc), but > it seems that the file > /etc/sysconfig/iptables > is ignored when the Ovirt Engine VM starts.
What do you mean in "ignored"? What's the output of 'iptables-save'? Did you ask to configure the firewall during engine-setup? > > How can I add permanent iptables rules into the Engine VM? On the engine vm (unlike hosts), the only thing that touches iptables is engine-setup. Before doing that it asks you if you want to configure the firewall. There aren't currently means to add your custom rules - either you manage it all by yourself or you let engine-setup do that. Alternatively, it's recommended to use firewalld. engine-setup can add to firewalld the stuff it wants, and you still can add your own stuff. If I got you wrong and you refer to the hosts (not engine), see also: https://www.ovirt.org/blog/2016/12/extension-iptables-rules-oVirt-hosts/ Best, > > Kind regards > > > Andrew > > > > _______________________________________________ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > -- Didi _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users