[ https://issues.apache.org/jira/browse/CLOUDSTACK-9761?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jayapal Reddy updated CLOUDSTACK-9761: -------------------------------------- Summary: Custom NW offering with Default Egress policy as " Allow" : only new ICMP rule is created as "accept" instead of " DROP" (was: Custom NW offering with Default Egress policy as " Allow" : new ICMP rule is created as "accept" instead of " DROP") > Custom NW offering with Default Egress policy as " Allow" : only new ICMP > rule is created as "accept" instead of " DROP" > ------------------------------------------------------------------------------------------------------------------------ > > Key: CLOUDSTACK-9761 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9761 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Virtual Router > Affects Versions: 4.9.0.1 > Reporter: DeepthiMachiraju > Labels: pvr > Fix For: 4.10.0.0 > > > - Create a new network offering say 'nw1' with Default Egress policy as " > Allow". > - deploy a network with the above offering. > ================================================================================================ > Chain FW_EGRESS_RULES (1 references) > target prot opt source destination > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > ================================================================================================ > - on UI , select ICMP protocol and add the rule . > ================================================================================================ > Chain FW_EGRESS_RULES (1 references) > target prot opt source destination > ACCEPT icmp -- 10.1.1.0/24 0.0.0.0/0 icmptype 255 > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > ================================================================================================ > - tcp/udp rules are added appropriately as drop . > ================================================================================================ > Chain FW_EGRESS_RULES (1 references) > target prot opt source destination > DROP udp -- 10.1.1.0/24 0.0.0.0/0 udp dpts:250:360 > DROP tcp -- 10.1.1.0/24 0.0.0.0/0 tcp dpts:1:1000 > ACCEPT icmp -- 10.1.1.0/24 0.0.0.0/0 icmptype 255 > ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 > ================================================================================================ > -- This message was sent by Atlassian JIRA (v6.4.14#64029)