DaanHoogland commented on a change in pull request #2505: CLOUDSTACK-10333: Secure Live VM Migration for KVM URL: https://github.com/apache/cloudstack/pull/2505#discussion_r179684831
########## File path: debian/cloudstack-agent.postinst ########## @@ -50,6 +50,13 @@ case "$1" in mkdir /etc/libvirt/hooks fi cp -a /usr/share/cloudstack-agent/lib/libvirtqemuhook /etc/libvirt/hooks/qemu + + # Enable TLS enabled VM migration for libvirtd + if ! iptables-save | grep -- "-A INPUT -p tcp -m tcp --dport 16514 -j ACCEPT" > /dev/null; then + iptables -t filter -A INPUT -p tcp -m tcp --dport 16514 -j ACCEPT + iptables-save > /etc/iptables/rules.v4 + fi + Review comment: Is there an alternative that will work. I would not like to see a large devide between the amount of work to be done on rhel-like systems versus debian-likes. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services