Re: [Blocker] Default ip table rules on VR

2015-08-03 Thread Wilder Rodrigues
the old
>>> iptables-vpcrouter/iptables-router files.
>>>
>>> Cheers,
>>> Wilder
>>>
>>>
>>>> On 31 Jul 2015, at 06:03, Sanjeev N wrote:
>>>>
>>>> Thanks for working on it Wilder !!
>>>>

Re: [Blocker] Default ip table rules on VR

2015-08-03 Thread Wilder Rodrigues
ilder Rodrigues <
>>> wrodrig...@schubergphilis.com> wrote:
>>>
>>>> Hi,
>>>>
>>>> We discussed that one yesterday and I already assigned the issue to
>> myself
>>>> on Jira. I will fix it.
>>>>
>>>> Cheers,
>

Re: [Blocker] Default ip table rules on VR

2015-08-03 Thread Sanjeev N
>
> >>
> >>
> >>> On 30 Jul 2015, at 14:09, Sanjeev N wrote:
> >>>
> >>> Agree with Kishan Kavala and Jayapal.
> >>>
> >>> On Thu, Jul 30, 2015 at 2:13 PM, Kishan Kavala <
> kishan.kav...@citrix.com
> >>

Re: [Blocker] Default ip table rules on VR

2015-08-03 Thread Wilder Rodrigues
e with Kishan Kavala and Jayapal.
>>>
>>> On Thu, Jul 30, 2015 at 2:13 PM, Kishan Kavala
>>
>>> wrote:
>>>
>>>> This is a security issue with high impact.
>>>> We should treat it as a blocker.
>>>>
>>>> ---

Re: [Blocker] Default ip table rules on VR

2015-07-30 Thread Sanjeev N
e should treat it as a blocker.
> >>
> >> -Original Message-
> >> From: Jayapal Reddy Uradi [mailto:jayapalreddy.ur...@citrix.com]
> >> Sent: 30 July 2015 02:07 PM
> >> To:
> >> Subject: Re: [Blocker] Default ip table rules on VR
> >

Re: [Blocker] Default ip table rules on VR

2015-07-30 Thread Daan Hoogland
Guys, I see votes here but no arguments. Why is it a blocker?

>>> From: Jayapal Reddy Uradi [mailto:jayapalreddy.ur...@citrix.com]
>>> Sent: 30 July 2015 02:07 PM
>>> To:
>>> Subject: Re: [Blocker] Default ip table rules on VR
>>>
>>> I see

Re: [Blocker] Default ip table rules on VR

2015-07-30 Thread Wilder Rodrigues
e:
>
>> This is a security issue with high impact.
>> We should treat it as a blocker.
>>
>> -Original Message-
>> From: Jayapal Reddy Uradi [mailto:jayapalreddy.ur...@citrix.com]
>> Sent: 30 July 2015 02:07 PM
>> To:
>> Subject: Re: [Blo

Re: [Blocker] Default ip table rules on VR

2015-07-30 Thread Sanjeev N
t: 30 July 2015 02:07 PM
> To:
> Subject: Re: [Blocker] Default ip table rules on VR
>
> I see VR ingress traffic is blocked by default from iptables mangle table.
> But on the guest interface all the traffic is accepted.
> Also egress firewall rule will break because of FORWARD

RE: [Blocker] Default ip table rules on VR

2015-07-30 Thread Kishan Kavala
This is a security issue with high impact.
We should treat it as a blocker.

-Original Message-
From: Jayapal Reddy Uradi [mailto:jayapalreddy.ur...@citrix.com]
Sent: 30 July 2015 02:07 PM
To:
Subject: Re: [Blocker] Default ip table rules on VR

I see VR ingress traffic is blocked by

Re: [Blocker] Default ip table rules on VR

2015-07-30 Thread Jayapal Reddy Uradi
I see VR ingress traffic is blocked by default from iptables mangle table.
But on the guest interface all the traffic is accepted.
Also egress firewall rule will break because of FORWARD policy.

Thanks,
Jayapal

On 30-Jul-2015, at 12:53 PM, Jayapal Reddy Uradi wrote:
>
> It is a security concern

Re: [Blocker] Default ip table rules on VR

2015-07-30 Thread Jayapal Reddy Uradi
It is a security concern on the VR. All the ingress traffic onto the VR is accepted. Let it be a blocker.

Thanks,
Jayapal

On 30-Jul-2015, at 12:28 PM, Daan Hoogland wrote:
> I changed it to critical. It is only a blocker if we agree on this
> list that it is.
>
> On Thu, Jul 30, 2015 at 6:44 AM

Re: [Blocker] Default ip table rules on VR

2015-07-29 Thread Daan Hoogland
I changed it to critical. It is only a blocker if we agree on this list that it is.

On Thu, Jul 30, 2015 at 6:44 AM, Sanjeev N wrote:
> Hi,
>
> In latest ACS builds, the ip table rules in VR have ACCEPT as the default
> policy in INPUT and FORWARD chains, instead of DROP.
>
> Created a blocker bu