It is better to do it through API. CloudStack already provides several APIs for customer to add ACL for customer network, what kind of rules do you want to add? Can you do it through current API? Or what kind API you would like to add?
Anthony > -----Original Message----- > From: Clayton Weise [mailto:cwe...@iswest.net] > Sent: Wednesday, May 09, 2012 4:26 PM > To: 'cloudstack-dev@incubator.apache.org' > Subject: RE: domr iptables rules > > As a dirty hack would it be possible to create an init script which > added these custom rules when the domr boots? > > -----Original Message----- > From: Anthony Xu [mailto:xuefei...@citrix.com] > Sent: Wednesday, May 09, 2012 12:21 PM > To: cloudstack-dev@incubator.apache.org > Subject: RE: domr iptables rules > > Iptables rules is not persistent inside domr, CloudStack send command > to domr to generate rules on demand. > So if you reboot domr, some rules may not come back. But if you reboot > domr through Cloudstack UI, all rules should come back, Cloudstack will > send commands to program rules again. > > > Anthony > > > > -----Original Message----- > > From: Clayton Weise [mailto:cwe...@iswest.net] > > Sent: Wednesday, May 09, 2012 10:09 AM > > To: 'cloudstack-dev@incubator.apache.org' > > Subject: domr iptables rules > > > > Where are these kept? After rebooting a virtual router not all of > the > > firewall rules came back. Also, I wanted to manually add a few > things > > and I was curious where I could do it and have those rules retained > > when the domr reboots. > > > > Thanks
