The following change will the be root cause:
- refs = execute("iptables -n -L " + brfw + " |grep " + brfw + " | cut
-d \( -f2 | awk '{print $1}'").strip()
+ refs = execute("""iptables -n -L " + brfw + " | awk
'/%s(.*)references/ {gsub(/\(/, "") ;print $3}'""" % brfw).strip()
In commit: 052bff15c6603877e7a0767993eb4675e9bd9ca8
The code should be
+ refs = execute("""iptables -n -L " + %s + " | awk '/%s(.*)references/
{gsub(/\(/, "") ;print $3}'""" % (brfw, brfw)).strip()
> -----Original Message-----
> From: Nux! [mailto:n...@li.nux.ro]
> Sent: Friday, March 14, 2014 1:13 PM
> To: dev@cloudstack.apache.org
> Subject: RE: [VOTE] Apache CloudStack 4.3.0 (eighth round)
>
> On 14.03.2014 19:36, Edison Su wrote:
> >> -----Original Message-----
> >> From: Nux! [mailto:n...@li.nux.ro]
> >> Sent: Friday, March 14, 2014 12:19 PM
> >> To: dev@cloudstack.apache.org
> >> Subject: RE: [VOTE] Apache CloudStack 4.3.0 (eighth round)
> >>
> >> On 14.03.2014 19:14, Edison Su wrote:
> >>> Hi Nux,
> >>> Could you post security group log file on your 4.3 kvm host? The
> >>> file is @/var/log/cloudstack/agent/security_group.log
> >>
> >> Thanks Edison, but the problem went away once I replaced that python
> >> script with
> >> https://git-wip-
> >> us.apache.org/repos/asf?p=cloudstack.git;a=blob_plain;f=scripts/vm/ne
> >> two
> >>
> rk/security_group.py;h=0ac8b74a872d46b5def69be8df35e4fc49eb52b3;hb=0
> >> 898a264a5463b85c4cab3033f9c3161c5ef83f8
> >
> > But the code is not for 4.3, right?
> > I want to figure out, why 4.3 security group is broken.
>
> I think this is the key difference:
>
> -A FORWARD -o brbond0-540 -m physdev --physdev-is-bridged -j
> BF-brbond0-540
> -A FORWARD -i brbond0-540 -m physdev --physdev-is-bridged -j
> BF-brbond0-540
> -A FORWARD -o brbond0-540 -j DROP
> -A FORWARD -i brbond0-540 -j DROP
>
> It's missing in the 4.3 and since FORWARD chain defaults to ACCEPT ...
> I'll try to rollback to old script and send you the logs.
>
> Lucian
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
