Return-Path: 
 <dev-return-91106-apmail-cloudstack-dev-archive=cloudstack.apache.org@cloudstack.apache.org>
X-Original-To: apmail-cloudstack-dev-archive@www.apache.org
Delivered-To: apmail-cloudstack-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 7E7DD19922
	for <apmail-cloudstack-dev-archive@www.apache.org>;
 Mon,  4 Apr 2016 16:47:17 +0000 (UTC)
Received: (qmail 28053 invoked by uid 500); 4 Apr 2016 16:47:17 -0000
Delivered-To: apmail-cloudstack-dev-archive@cloudstack.apache.org
Received: (qmail 27994 invoked by uid 500); 4 Apr 2016 16:47:17 -0000
Mailing-List: contact dev-help@cloudstack.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@cloudstack.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@cloudstack.apache.org>
List-Post: <mailto:dev@cloudstack.apache.org>
List-Id: <dev.cloudstack.apache.org>
Reply-To: dev@cloudstack.apache.org
Delivered-To: mailing list dev@cloudstack.apache.org
Received: (qmail 27912 invoked by uid 99); 4 Apr 2016 16:47:15 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO
 spamd4-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 04 Apr 2016 16:47:15 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org)
 with ESMTP id BDEFFC0222
	for <dev@cloudstack.apache.org>; Mon,  4 Apr 2016 16:47:14 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -0.102
X-Spam-Level: 
X-Spam-Status: No, score=-0.102 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=disabled
Authentication-Results: spamd4-us-west.apache.org (amavisd-new);
	dkim=pass (1024-bit key) header.d=li.nux.ro
Received: from mx2-lw-us.apache.org ([10.40.0.8])
	by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new,
 port 10024)
	with ESMTP id Cq2qjhge3paB for <dev@cloudstack.apache.org>;
	Mon,  4 Apr 2016 16:47:12 +0000 (UTC)
Received: from mailserver.lastdot.org (mailserver.lastdot.org
 [31.193.175.196])
	by mx2-lw-us.apache.org (ASF Mail Server at mx2-lw-us.apache.org) with ESMTPS
 id 0E4875F5CD
	for <dev@cloudstack.apache.org>; Mon,  4 Apr 2016 16:47:11 +0000 (UTC)
Received: from localhost (localhost [IPv6:::1])
	by mailserver.lastdot.org (Postfix) with ESMTP id 82F6D2C3D08
	for <dev@cloudstack.apache.org>; Mon,  4 Apr 2016 17:47:09 +0100 (BST)
Received: from mailserver.lastdot.org ([IPv6:::1])
	by localhost (mailserver.lastdot.org [IPv6:::1]) (amavisd-new, port 10032)
	with ESMTP id DeZw0RqmXQKX for <dev@cloudstack.apache.org>;
	Mon,  4 Apr 2016 17:47:08 +0100 (BST)
Received: from localhost (localhost [IPv6:::1])
	by mailserver.lastdot.org (Postfix) with ESMTP id 703582C3D0B
	for <dev@cloudstack.apache.org>; Mon,  4 Apr 2016 17:47:08 +0100 (BST)
DKIM-Filter: OpenDKIM Filter v2.9.2 mailserver.lastdot.org 703582C3D0B
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=li.nux.ro;
	s=C605E3A6-F3C6-11E3-AEB0-DFF9218DCAC4; t=1459788428;
	bh=WsUCedr1OBFY7Ps9ypcQWOPkmWveWKJGf+5bHtuvfr8=;
	h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type:
	 Content-Transfer-Encoding;
	b=bZA/r5dkrccQr2eXWWotUXrcf/nkHO8m+h3rZ/wDXXWwm7orkH2WQ9JpXKHVal6i0
	 4vjoShk64LK/ZGMGzzVXkYG3zP4xMu+XGV44denCbFxQAqbPRQoXnqn+SNJOl9hvpX
	 pAlhAwWYBk4Ro9DojDV8EJU41+wR/Wg+HUwFYOIA=
X-Virus-Scanned: amavisd-new at mailserver.lastdot.org
Received: from mailserver.lastdot.org ([IPv6:::1])
	by localhost (mailserver.lastdot.org [IPv6:::1]) (amavisd-new, port 10026)
	with ESMTP id qA02ivKmQ44T for <dev@cloudstack.apache.org>;
	Mon,  4 Apr 2016 17:47:08 +0100 (BST)
Received: from mailserver.lastdot.org (mailserver.lastdot.org
 [31.193.175.196])
	by mailserver.lastdot.org (Postfix) with ESMTP id 435C72C3D08
	for <dev@cloudstack.apache.org>; Mon,  4 Apr 2016 17:47:08 +0100 (BST)
Date: Mon, 4 Apr 2016 17:47:07 +0100 (BST)
From: Nux! <nux@li.nux.ro>
To: dev <dev@cloudstack.apache.org>
Message-ID: <215197425.934.1459788427995.JavaMail.zimbra@li.nux.ro>
In-Reply-To: <1154113302.104683.1459507330707.JavaMail.zimbra@li.nux.ro>
References: <1154113302.104683.1459507330707.JavaMail.zimbra@li.nux.ro>
Subject: Re: Hooking into the SecurityGroups
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-Mailer: Zimbra 8.6.0_GA_1194 (ZimbraWebClient - FF38 (Linux)/8.6.0_GA_1194)
Thread-Topic: Hooking into the SecurityGroups
Thread-Index: gckrq9IDtix2Y6HMEjqZBSL4jfz2wqBhYa1M

Well, this is what we got working in the end. If someone has any suggestions on how to improve it, that'd be great.

https://github.com/NuxRo/cloudstack/commit/de6f97367fc2dc02378f367c462eaaec8f92e234

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

----- Original Message -----
> From: "Nux!" <nux@li.nux.ro>
> To: "dev" <dev@cloudstack.apache.org>
> Sent: Friday, 1 April, 2016 11:42:10
> Subject: Hooking into the SecurityGroups

> Hi,
> 
> I want to hook into the SGs and add a few iptables rules every time a VM is
> spawned and delete them when the VM is moved/deleted.
> Has anyone done this before? Any pointers before I go and butcher it? :-)
> 
> Lucian
> 
> --
> Sent from the Delta quadrant using Borg technology!
> 
> Nux!
> www.nux.ro