cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nux! <...@li.nux.ro>
Subject RE: [VOTE] Apache CloudStack 4.3.0 (eighth round)
Date Fri, 14 Mar 2014 20:13:21 GMT
On 14.03.2014 19:36, Edison Su wrote:
>> -----Original Message-----
>> From: Nux! [mailto:nux@li.nux.ro]
>> Sent: Friday, March 14, 2014 12:19 PM
>> To: dev@cloudstack.apache.org
>> Subject: RE: [VOTE] Apache CloudStack 4.3.0 (eighth round)
>> 
>> On 14.03.2014 19:14, Edison Su wrote:
>>> Hi Nux,
>>>    Could you post security group log file on your 4.3 kvm host? The
>>> file is @/var/log/cloudstack/agent/security_group.log
>> 
>> Thanks Edison, but the problem went away once I replaced that python 
>> script
>> with
>> https://git-wip-
>> us.apache.org/repos/asf?p=cloudstack.git;a=blob_plain;f=scripts/vm/netwo
>> rk/security_group.py;h=0ac8b74a872d46b5def69be8df35e4fc49eb52b3;hb=0
>> 898a264a5463b85c4cab3033f9c3161c5ef83f8
> 
> But the code is not for 4.3, right?
> I want to figure out, why 4.3 security group is broken.

I think this is the key difference:

-A FORWARD -o brbond0-540 -m physdev --physdev-is-bridged -j 
BF-brbond0-540
-A FORWARD -i brbond0-540 -m physdev --physdev-is-bridged -j 
BF-brbond0-540
-A FORWARD -o brbond0-540 -j DROP
-A FORWARD -i brbond0-540 -j DROP

It's missing in the 4.3 and since FORWARD chain defaults to ACCEPT ...
I'll try to rollback to old script and send you the logs.

Lucian

-- 
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

Mime
View raw message