cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jayapal Reddy (JIRA)" <>
Subject [jira] [Commented] (CLOUDSTACK-9848) VR commands exist status is not checked in python config files
Date Thu, 23 Mar 2017 13:29:42 GMT


Jayapal Reddy commented on CLOUDSTACK-9848:

Currently for add_chain exist status is not checked because the iptables rules add processing
fails when iptables chain policy is added. please see my below debug log.

For '-P INPUT DROP' in compare method it is trying add chain without name (actually there
is no need to add chain for policy add rule) 'iptables -t filter -N'

2017-03-23 09:34:06,048 compare:139 fw ['filter', '', '-P INPUT DROP']
2017-03-23 09:34:06,048 execute2:209 Executing: iptables -t filter -N
2017-03-23 09:34:06,056 main:1032 Exception while configuring router
Traceback (most recent call last):
  File "/opt/cloud/bin/", line 1015, in main
  File "/opt/cloud/bin/cs/", line 143, in compare
  File "/opt/cloud/bin/cs/", line 193, in add_chain
    raise Exception("iptables command got failed with error: {}".format(error))
Exception: iptables command got failed with error:

> VR commands exist status is not checked in python config files
> --------------------------------------------------------------
>                 Key: CLOUDSTACK-9848
>                 URL:
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>            Reporter: Jayapal Reddy
>            Assignee: Jayapal Reddy
> When iptables rules are configured on the VR failures or exceptions are not detected
in VR because iptables commands exit/return status is not checked.Also in exception catch
failure is not returned.

This message was sent by Atlassian JIRA

View raw message