[jira] [Updated] (CLOUDSTACK-324) Cannot edit default security group rules, default security group blocks all inbound traffic.

Fri, 12 Oct 2012 11:39:05 -0700 

     [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Max Clark updated CLOUDSTACK-324:
---------------------------------

    Comment: was deleted

(was: I'm aware that I can delete the network, create a new network with 
SGService and then edit the security group. The idea here is that the _default_ 
is to create WithoutSGService, and when this happens the _default_ security 
group applied to the VMs blocks all inbound traffic. This default security 
group should either be 1) permissive, or 2) editable when configured in this 
manner.)
    
> Cannot edit default security group rules, default security group blocks all 
> inbound traffic.
> --------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-324
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-324
>             Project: CloudStack
>          Issue Type: Bug
>    Affects Versions: pre-4.0.0
>            Reporter: Max Clark
>            Assignee: Wido den Hollander
>              Labels: iptables, network, security
>             Fix For: 4.1.0
>
>
> When configuring basic networking, by default the network is created with the 
> "DefaultSharedNetworkOffering". This offering does not have a security group. 
> No inbound traffic is allowed to the created VMs. Reading the AdminGuide 
> documentation:
> "Each CloudStack account comes with a default security group that denies all 
> inbound traffic and allows all outbound traffic. The default security group 
> can be modified so that all new VMs inherit some other desired set of rules."
> If a network is created without a security group, it shouldn't have a 
> security group and all inbound/outbound traffic should be allowed - or at the 
> very least the default security group should be able to be configured.
> http://www.cloudstack.com/forum/8-storage-and-networking/7054-vm-instance-cant-be-accessd-using-basic-networking.html?limit=6&start=6#7084

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to