Return-Path: X-Original-To: apmail-cloudstack-users-archive@www.apache.org Delivered-To: apmail-cloudstack-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 1B85E10301 for ; Thu, 7 Nov 2013 12:34:53 +0000 (UTC) Received: (qmail 98599 invoked by uid 500); 7 Nov 2013 12:34:35 -0000 Delivered-To: apmail-cloudstack-users-archive@cloudstack.apache.org Received: (qmail 98551 invoked by uid 500); 7 Nov 2013 12:34:31 -0000 Mailing-List: contact users-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@cloudstack.apache.org Delivered-To: mailing list users@cloudstack.apache.org Received: (qmail 98529 invoked by uid 99); 7 Nov 2013 12:34:28 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 07 Nov 2013 12:34:28 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of prakash@assistanz.com designates 166.78.23.242 as permitted sender) Received: from [166.78.23.242] (HELO server1.assistanz.com) (166.78.23.242) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 07 Nov 2013 12:34:23 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=assistanz.com; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:To:From:Subject:Date:Message-ID; bh=gDaTt0OxXyx2b11KxN979kFBeSbH0LNYYYgm6bMtDKs=; b=l+LD0vmZNMHysfXvMjhXJTCNynCKeiWyrX8H9WFgZN2bFpOwkt7PvN/20gunC0cRobUGPznKC8krLO8/Htx/fqJbN1khgnd6K/IWWmHIjEHoAO3xq05gBKfiWkvwnPLvDze5DvN49twLookcYC5UE3W4Ck7w9vsxoRQwQIY1uGY=; Received: from localhost ([::1]:50752 helo=assistanz.com) by server1.assistanz.com with esmtpa (Exim 4.80.1) (envelope-from ) id 1VeOmg-0002qC-D9 for users@cloudstack.apache.org; Thu, 07 Nov 2013 12:34:02 +0000 Received: from 182.73.212.174 ([182.73.212.174]) (SquirrelMail authenticated user prakash@assistanz.com) by assistanz.com with HTTP; Thu, 7 Nov 2013 12:34:02 -0000 Message-ID: <959fa3bd0dd0a5fb1e1c4d1ad1042a5c.squirrel@assistanz.com> Date: Thu, 7 Nov 2013 12:34:02 -0000 Subject: Reg:Issue in systemvm firewall From: prakash@assistanz.com To: users@cloudstack.apache.org User-Agent: SquirrelMail/1.4.22 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - server1.assistanz.com X-AntiAbuse: Original Domain - cloudstack.apache.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - assistanz.com X-Get-Message-Sender-Via: server1.assistanz.com: authenticated_id: prakash@assistanz.com X-Virus-Checked: Checked by ClamAV on apache.org Hi, I have configured xenserver clusters in cloudstack with security group as network offering in basiczone. Everything is working fine but i am facing major issue, while restart management server or xenserver my systemvms and other vms in that zone automatically block all incoming traffic by default. We are unable to access systemvm(console vm) and other vms after flush iptables in system vm and guest vm. I am able to access everything. Is this bug or cloudstack default block all incoming traffic in production environment after restarted cloudstack. Regards, Prakash.M