[jira] [Updated] (CLOUDSTACK-9761) Custom NW offering with Default Egress policy as " Allow" : only new ICMP rule is created as "accept" instead of " DROP"

Jayapal Reddy (JIRA) Tue, 20 Jun 2017 23:29:03 -0700

     [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9761?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jayapal Reddy updated CLOUDSTACK-9761:
--------------------------------------
    Summary: Custom NW offering with Default Egress policy as " Allow" : only 
new ICMP rule is created as "accept" instead of " DROP"  (was: Custom NW 
offering with Default Egress policy as " Allow" : new ICMP rule is created as 
"accept" instead of " DROP")

> Custom NW offering with Default Egress policy as " Allow" : only new ICMP 
> rule is created as "accept" instead of " DROP"
> ------------------------------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-9761
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9761
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Virtual Router
>    Affects Versions: 4.9.0.1
>            Reporter: DeepthiMachiraju
>              Labels: pvr
>             Fix For: 4.10.0.0
>
>
> - Create a new network offering say 'nw1' with Default Egress policy as " 
> Allow".
> - deploy a network with the above offering.
> ================================================================================================
> Chain FW_EGRESS_RULES (1 references)
> target     prot opt source               destination
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ================================================================================================
> - on UI , select ICMP protocol and add the rule . 
> ================================================================================================
> Chain FW_EGRESS_RULES (1 references)
> target     prot opt source               destination
> ACCEPT     icmp --  10.1.1.0/24          0.0.0.0/0            icmptype 255
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ================================================================================================
> - tcp/udp rules are added appropriately as drop .
> ================================================================================================
> Chain FW_EGRESS_RULES (1 references)
> target     prot opt source               destination
> DROP       udp  --  10.1.1.0/24          0.0.0.0/0            udp dpts:250:360
> DROP       tcp  --  10.1.1.0/24          0.0.0.0/0            tcp dpts:1:1000
> ACCEPT     icmp --  10.1.1.0/24          0.0.0.0/0            icmptype 255
> ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
> ================================================================================================
>  



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

[jira] [Updated] (CLOUDSTACK-9761) Custom NW offering with Default Egress policy as " Allow" : only new ICMP rule is created as "accept" instead of " DROP"

Reply via email to