Re: IP tables blocking KVM/Console

2013-04-19 Thread Marcus Sorensen
EPT > >> > >> That's not working, so I am going back to my cronjob! > >> > >> - Maurice > >> > >> > >> On Apr 19, 2013, at 02:08 PM, Edison Su wrote: > >> > >> > >> > >> > -Original Message--

Re: IP tables blocking KVM/Console

2013-04-19 Thread Maurice Lawler
going back to my cronjob! >> >> - Maurice >> >> >> On Apr 19, 2013, at 02:08 PM, Edison Su <edison...@citrix.com> wrote: >> >> >> >> > -Original Message- >> > From: Jason Pavao [mailto:jason.pa...@oracle.com] >> &

Re: IP tables blocking KVM/Console

2013-04-19 Thread Marcus Sorensen
; > From: Jason Pavao [mailto:jason.pa...@oracle.com] >> > Sent: Thursday, April 18, 2013 8:50 AM >> > To: dev@cloudstack.apache.org >> > Cc: Maurice Lawler; us...@cloudstack.apache.org >> > Subject: Re: IP tables blocking KVM/Console >> > >> > M

Re: IP tables blocking KVM/Console

2013-04-19 Thread Marcus Sorensen
...@oracle.com] > > Sent: Thursday, April 18, 2013 8:50 AM > > To: dev@cloudstack.apache.org > > Cc: Maurice Lawler; us...@cloudstack.apache.org > > Subject: Re: IP tables blocking KVM/Console > > > > Maurice, > > I was having the same issues, I tried a number of iptab

Re: IP tables blocking KVM/Console

2013-04-19 Thread Maurice Lawler
r 19, 2013, at 02:08 PM, Edison Su wrote: > -Original Message- > From: Jason Pavao [mailto:jason.pa...@oracle.com] > Sent: Thursday, April 18, 2013 8:50 AM > To: dev@cloudstack.apache.org > Cc: Maurice Lawler; us...@cloudstack.apache.org > Subject: Re: IP tables blocking K

Re: IP tables blocking KVM/Console

2013-04-19 Thread Maurice Lawler
Marcus, here is that output you mentioned -- To avoid this from happening, I run a cronjob to clear the tables ever so often, as to not repopulate and cause issues.Chain INPUT (policy ACCEPT 13136 packets, 71M bytes) pkts bytes target prot opt in out source   destination

Re: IP tables blocking KVM/Console

2013-04-19 Thread Marcus Sorensen
That's reflected by this line: ACCEPT tcp -- anywhere anywheretcp dpts:vnc-server:synchronet-db Although we don't know what interfaces it applies to because we don't have an 'iptables -L -v' If stopping iptables fixes Maurice's problem it would be interesting to kno

RE: IP tables blocking KVM/Console

2013-04-19 Thread Edison Su
This rule will reject all the ingress activities: "REJECT all -- anywhere anywherereject-with icmp-host-prohibited" You can try: iptables -I INPUT -p tcp -m tcp --dport 5900:6100 -j ACCEPT to allow console access. From: Maurice Lawler [mailto:maurice.law...@me.com] S

RE: IP tables blocking KVM/Console

2013-04-19 Thread Edison Su
> -Original Message- > From: Jason Pavao [mailto:jason.pa...@oracle.com] > Sent: Thursday, April 18, 2013 8:50 AM > To: dev@cloudstack.apache.org > Cc: Maurice Lawler; us...@cloudstack.apache.org > Subject: Re: IP tables blocking KVM/Console > > Maurice, > I

Re: IP tables blocking KVM/Console

2013-04-18 Thread Jason Pavao
Maurice, I was having the same issues, I tried a number of iptables rule changes, but it seems that whenever a new instance was deployed it would overwrite my changes and break things again. My temporary fix is to run a cron job that runs every minute that issues a service iptables stop. It's