[CLOUDSTACK-8891] Isolated network VR default iptables rules in INPUT chain are missing - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 4.6.0
Fix Version/s: 4.6.0
Component/s: Network Controller
Security Level: Public (Anyone can view this level - this is the default.)
Labels:
None

Description

Repro steps:
1.Create a advance zone setup
2. Create a VM in isolated network
Bug
VM is not assigned its guest ip as dhcp port in router is not open
Also dns, http ports missing.
iptables -L INPUT -nvx
Chain INPUT (policy DROP 1330 packets, 79806 bytes)
pkts bytes target prot opt in out source dest ination
1616 116814 NETWORK_STATS all – * * 0.0.0.0/0 0. 0.0.0/0
0 0 ACCEPT all – * * 0.0.0.0/0 224.0. 0.18
0 0 ACCEPT all – * * 0.0.0.0/0 225.0. 0.50
0 0 ACCEPT all – eth2 * 0.0.0.0/0 0.0.0. 0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0. 0/0
4 730 ACCEPT all – lo * 0.0.0.0/0 0.0.0. 0/0
255 34874 ACCEPT tcp – eth1 * 0.0.0.0/0 0.0.0. 0/0 tcp dpt:3922 state NEW,ESTABLISHED
0 0 ACCEPT all – * * 0.0.0.0/0 224.0. 0.18
0 0 ACCEPT all – * * 0.0.0.0/0 225.0. 0.50
0 0 ACCEPT all – eth2 * 0.0.0.0/0 0.0.0. 0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0. 0/0
0 0 ACCEPT all – lo * 0.0.0.0/0 0.0.0. 0/0
0 0 ACCEPT tcp – eth1 * 0.0.0.0/0 0.0.0. 0/0 tcp dpt:3922 state NEW,ESTABLISHED
0 0 ACCEPT all – * * 0.0.0.0/0 224.0. 0.18
0 0 ACCEPT all – * * 0.0.0.0/0 225.0. 0.50
0 0 ACCEPT all – eth2 * 0.0.0.0/0 0.0.0. 0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp – * * 0.0.0.0/0 0.0.0. 0/0
0 0 ACCEPT all – lo * 0.0.0.0/0 0.0.0. 0/0
0 0 ACCEPT tcp – eth1 * 0.0.0.0/0 0.0.0. 0/0 tcp dpt:3922 state NEW,ESTABLISHED

Attachments

Activity

People

Assignee:: Jayapal

Reporter:: Jayapal

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 22/Sep/15 05:09

Updated:: 30/Sep/15 04:09

Resolved:: 30/Sep/15 04:09