cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-10138) Load br_netfilter in security_group management script
Date Sun, 12 Nov 2017 03:40:00 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-10138?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16248773#comment-16248773
] 

ASF GitHub Bot commented on CLOUDSTACK-10138:
---------------------------------------------

bwsw commented on issue #2319: CLOUDSTACK-10138: Load br_netfilter in security_group management
script
URL: https://github.com/apache/cloudstack/pull/2319#issuecomment-343711169
 
 
   Hello, 14.04 is affected too. 
   
   Ok, generally, it either should be handled by 
   - script (may be smarter) or 
   -s etup of agent or 
   - documentation (which is absent). 
   
   I think the check should be imroved. Ok, I haven't realized that it may be absent, but
this means that it also can be either compiled-in or disabled, and your check is also weak
(for abstract user).

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> Load br_netfilter in security_group management script
> -----------------------------------------------------
>
>                 Key: CLOUDSTACK-10138
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10138
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: cloudstack-agent
>    Affects Versions: 4.10.0.0
>         Environment: Ubuntu 14.04
>            Reporter: Ivan Kudryavtsev
>
> When setting 
> sysctl -w net.bridge.bridge-nf-call-arptables=1
> sysctl -w net.bridge.bridge-nf-call-iptables=1
> sysctl -w net.bridge.bridge-nf-call-ip6tables=1
> /usr/share/cloudstack-common/scripts/vm/network/security_group.py
> doesn't check that br_netfilter is load.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message