cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jayapal Reddy Uradi <jayapalreddy.ur...@citrix.com>
Subject Re: [Blocker] Default ip table rules on VR
Date Thu, 30 Jul 2015 07:23:06 GMT

It is security concern on the VR. All the ingress traffic onto the VR is accepted.
Let it be blocker.

Thanks,
Jayapal

On 30-Jul-2015, at 12:28 PM, Daan Hoogland <daan.hoogland@gmail.com>
 wrote:

> I changed it to critical. It is only a blocker if we agree on this
> list that it is.
> 
> On Thu, Jul 30, 2015 at 6:44 AM, Sanjeev N <sanjeev@apache.org> wrote:
>> Hi,
>> 
>> In latest ACS builds, the ip table rules in VR have ACCEPT as the default
>> policy in INPUT and FORWARD chains, instead of DROP.
>> 
>> Created a blocker bug for this issue
>> https://issues.apache.org/jira/browse/CLOUDSTACK-8688
>> 
>> Can somebody please fix it?
>> 
>> Thanks,
>> Sanjeev
> 
> 
> 
> -- 
> Daan


Mime
View raw message