cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "DeepthiMachiraju (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CLOUDSTACK-9761) Custom NW offering with Default Egress policy as " Allow" : new ICMP rule is created as "accept" instead of " DROP"
Date Tue, 06 Jun 2017 06:27:18 GMT

     [ https://issues.apache.org/jira/browse/CLOUDSTACK-9761?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

DeepthiMachiraju updated CLOUDSTACK-9761:
-----------------------------------------
    Labels: pvr  (was: )

> Custom NW offering with Default Egress policy as " Allow" : new ICMP rule is created
as "accept" instead of " DROP"
> -------------------------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-9761
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9761
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Virtual Router
>    Affects Versions: 4.9.0.1
>            Reporter: DeepthiMachiraju
>              Labels: pvr
>             Fix For: 4.10.0.0
>
>
> - Create a new network offering say 'nw1' with Default Egress policy as " Allow".
> - deploy a network with the above offering.
> ================================================================================================
> Chain FW_EGRESS_RULES (1 references)
> target     prot opt source               destination
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ================================================================================================
> - on UI , select ICMP protocol and add the rule . 
> ================================================================================================
> Chain FW_EGRESS_RULES (1 references)
> target     prot opt source               destination
> ACCEPT     icmp --  10.1.1.0/24          0.0.0.0/0            icmptype 255
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ================================================================================================
> - tcp/udp rules are added appropriately as drop .
> ================================================================================================
> Chain FW_EGRESS_RULES (1 references)
> target     prot opt source               destination
> DROP       udp  --  10.1.1.0/24          0.0.0.0/0            udp dpts:250:360
> DROP       tcp  --  10.1.1.0/24          0.0.0.0/0            tcp dpts:1:1000
> ACCEPT     icmp --  10.1.1.0/24          0.0.0.0/0            icmptype 255
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ================================================================================================
>  



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message