RE: [VOTE] Apache CloudStack 4.3.0 (eighth round)

Nux! Fri, 14 Mar 2014 13:14:57 -0700

On 14.03.2014 19:36, Edison Su wrote:

-----Original Message-----
From: Nux! [mailto:n...@li.nux.ro]
Sent: Friday, March 14, 2014 12:19 PM
To: dev@cloudstack.apache.org
Subject: RE: [VOTE] Apache CloudStack 4.3.0 (eighth round)


On 14.03.2014 19:14, Edison Su wrote:

Hi Nux,
   Could you post security group log file on your 4.3 kvm host? The
file is @/var/log/cloudstack/agent/security_group.log

Thanks Edison, but the problem went away once I replaced that pythonscript

with
https://git-wip-
us.apache.org/repos/asf?p=cloudstack.git;a=blob_plain;f=scripts/vm/netwo
rk/security_group.py;h=0ac8b74a872d46b5def69be8df35e4fc49eb52b3;hb=0
898a264a5463b85c4cab3033f9c3161c5ef83f8


But the code is not for 4.3, right?
I want to figure out, why 4.3 security group is broken.


I think this is the key difference:

-A FORWARD -o brbond0-540 -m physdev --physdev-is-bridged -jBF-brbond0-540-A FORWARD -i brbond0-540 -m physdev --physdev-is-bridged -jBF-brbond0-540

-A FORWARD -o brbond0-540 -j DROP
-A FORWARD -i brbond0-540 -j DROP

It's missing in the 4.3 and since FORWARD chain defaults to ACCEPT ...
I'll try to rollback to old script and send you the logs.

Lucian

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

RE: [VOTE] Apache CloudStack 4.3.0 (eighth round)

Reply via email to