4.0.2 KVM????????
------------------ ???????? ------------------ ??????: "zhangyan";<zy.zhang...@neusoft.com>; ????????: 2014??5??16??(??????) ????10:06 ??????: "users-cn"<users-cn@cloudstack.apache.org>; ????: ????: ???????????????????????? ????cloudstack?????????????????????????? -----????????----- ??????: ?????? [mailto:754282...@qq.com] ????????: 2014??5??15?? 9:42 ??????: users-cn ????: ???????????????????????? ???????? 1.??????????????ping?? 2.????????????????????????????????A 3.????A??????????????ping?????????????????????? 4.????????????????A????????????????ping?? 5.????????????A????????????????????????????????????ping?? ??????????????????????????????????????????????????????????ping???????????? ???????????? ???????????????????????????? [root@iad-kvm-1 ~]# service iptables status Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 BF-br-guest all -- 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-bridged 2 BF-br-guest all -- 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-bridged 3 DROP all -- 0.0.0.0/0 0.0.0.0/0 4 DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) num target prot opt source destination Chain BF-br-guest (2 references) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 2 BF-br-guest-IN all -- 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-in --physdev-is-bridged 3 BF-br-guest-OUT all -- 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-is-out --physdev-is-bridged 4 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out eth1 --physdev-is-bridged Chain BF-br-guest-IN (1 references) num target prot opt source destination 1 i-2-505-def all -- 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet6 --physdev-is-bridged Chain BF-br-guest-OUT (1 references) num target prot opt source destination 1 i-2-505-def all -- 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet6 --physdev-is-bridged Chain i-2-505-VM (1 references) num target prot opt source destination 1 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:1:65535 state NEW 2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:1:65535 state NEW 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255 4 DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain i-2-505-VM-eg (1 references) num target prot opt source destination 1 RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:1:65535 state NEW 2 RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:1:65535 state NEW 3 RETURN icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255 4 DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain i-2-505-def (2 references) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 2 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in vnet6 --physdev-is-bridged udp spt:68 dpt:67 3 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet6 --physdev-is-bridged udp spt:67 dpt:68 4 RETURN udp -- 10.5.26.96 0.0.0.0/0 PHYSDEV match --physdev-in vnet6 --physdev-is-bridged udp dpt:53 5 i-2-505-VM-eg all -- 10.5.26.96 0.0.0.0/0 PHYSDEV match --physdev-in vnet6 --physdev-is-bridged 6 i-2-505-VM all -- 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out vnet6 --physdev-is-bridged --------------------------------------------------------------------------------------------------- Confidentiality Notice: The information contained in this e-mail and any accompanying attachment(s) is intended only for the use of the intended recipient and may be confidential and/or privileged of Neusoft Corporation, its subsidiaries and/or its affiliates. If any reader of this communication is not the intended recipient, unauthorized use, forwarding, printing, storing, disclosure or copying is strictly prohibited, and may be unlawful.If you have received this communication in error,please immediately notify the sender by return e-mail, and delete the original message and all copies from your system. Thank you. ---------------------------------------------------------------------------------------------------
