Return-Path: X-Original-To: apmail-cloudstack-dev-archive@www.apache.org Delivered-To: apmail-cloudstack-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id CDD0A1058B for ; Fri, 19 Apr 2013 23:18:36 +0000 (UTC) Received: (qmail 88029 invoked by uid 500); 19 Apr 2013 23:18:36 -0000 Delivered-To: apmail-cloudstack-dev-archive@cloudstack.apache.org Received: (qmail 87991 invoked by uid 500); 19 Apr 2013 23:18:36 -0000 Mailing-List: contact dev-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list dev@cloudstack.apache.org Received: (qmail 87983 invoked by uid 99); 19 Apr 2013 23:18:36 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 19 Apr 2013 23:18:36 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of shadowsor@gmail.com designates 209.85.220.181 as permitted sender) Received: from [209.85.220.181] (HELO mail-vc0-f181.google.com) (209.85.220.181) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 19 Apr 2013 23:18:32 +0000 Received: by mail-vc0-f181.google.com with SMTP id ia10so4445345vcb.12 for ; Fri, 19 Apr 2013 16:18:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type; bh=jZSRpYYMXE9OsQ71hMhKGynWx4+FwY6pZrBxlZcNkmI=; b=DWEKzqFWXHfqru+NsAq1O86jLIm4qAFiCZDpzR4e0cGbtozlGyX55vQnDk0IUkj2g5 W49cRO4OJCgjPvxgxULF+JMDqRtV6NLyrbgPMvh3QiNnYXqUCWXohMRGx5eQJUooQ4AK 80mVtRg82RWGJ5JR/Yf+5NFonh5VrhTSSLw9dcO8S/XdfzIm+NQSfAnSJ9lUlwlEyAKN 0B3mdE+KepmRB0IccoAx7pkCCkFD1+HwBBjkfOaDoEVibHp2EETl+z6UK1cWcARzg+Ho DtXnqvzAUy2d4QwXAAWUlLHWfcF2FGqYVwFtIszGrxC+xu7lrt0Hx0Ld76P0UVYTB004 8Zqw== MIME-Version: 1.0 X-Received: by 10.220.153.69 with SMTP id j5mr13015534vcw.35.1366413491673; Fri, 19 Apr 2013 16:18:11 -0700 (PDT) Received: by 10.52.103.106 with HTTP; Fri, 19 Apr 2013 16:18:11 -0700 (PDT) In-Reply-To: References: Date: Fri, 19 Apr 2013 17:18:11 -0600 Message-ID: Subject: Re: ebtables From: Marcus Sorensen To: Maurice Lawler Cc: "dev@cloudstack.apache.org" Content-Type: multipart/alternative; boundary=f46d043c7ca6c99f6104dabeeecf X-Virus-Checked: Checked by ClamAV on apache.org --f46d043c7ca6c99f6104dabeeecf Content-Type: text/plain; charset=ISO-8859-1 I don't remember exactly, but if you look at what IS allowed in the ebtables output, this will show you example rules. On Fri, Apr 19, 2013 at 2:20 PM, Maurice Lawler wrote: > Great -- My ebtables rules are back in place. Now, how can I go about > dropping the rule to allow a secondary IP traffic to a particular VM. > > I cannot remember how to do that, someone once told me. > > > > On Apr 19, 2013, at 01:42 PM, Marcus Sorensen wrote: > > you can go back and disable security groups in the zone if you don't care > about the ebtables rules, or you can start up ebtables and then restart any > associated VMs through cloudstack. The rules are dynamic, so they're not > going to be saved anywhere on the host to be reinstated, they have to be > reapplied by cloudstack via a restart of the vms. > > > On Fri, Apr 19, 2013 at 11:12 AM, Maurice Lawler >wrote: > > > Anyone know how to correct my mistake? > > > > - Maurice > > > > > > On Apr 19, 2013, at 2:01 AM, Maurice Lawler > wrote: > > > > > Perhaps this was not the best thing, now my ports are open; how can I > > revert back to eatables. > > > > > > Along with that, when reverted, how can I drop rules for a particular > VM > > to allow communication via second IP address. > > > > > > > > > On Apr 18, 2013, at 10:34 PM, Maurice Lawler > > wrote: > > > > > >> Disregard, for now, I have disabled/removed ebtables as shown here: > > >> > > >> > > 3CB1DF26ECC0458748AC97CECE2DA98D41012FA47B62D2@SJCPMAILBOX01.citrite.net > %3E'> > http://mail-archives.apache.org/mod_mbox/incubator-cloudstack-users/201302.mbox/% > 3CB1DF26ECC0458748AC97CECE2DA98D41012FA47B62D2@SJCPMAILBOX01.citrite.net > %3E > > > >> > > >> > > >> On Apr 18, 2013, at 11:28 PM, Maurice Lawler > > wrote: > > >> > > >>> Hello -- > > >>> > > >>> Previously one told me how to do this, but I cannot find my notes on > > this, so I hope you can help me out. > > >>> > > >>> I am attempting to allow a secondary IP address on an instance > by-pass > > the routing rules set forth in ebtables. I recall doing something like > > >>> > > >>> ebtables nat i-2-25-VM something ... I cannot for the life of me > > remember. > > >>> > > >>> How to list and/or drop the rules per VM. > > >>> > > >>> Can you guys assist? > > > > > > > > > --f46d043c7ca6c99f6104dabeeecf--