On Tue, Jul 12, 2016 at 10:22 AM, Yaniv Kaul <yk...@redhat.com> wrote: > > > On Mon, Jul 11, 2016 at 7:10 PM, Rafael Almeida > <ralme...@prefecturaloja.gob.ec> wrote: >> >> Hello, i need secure my hosts runining ovirt (vdsm-4.18.4.1-0) over centos >> 7, this because oVirt installed on a minimal install of centos 7x, could >> helpme by sending all required ports enabled for hosts.
For _hosts_, you can see the default iptables configuration that is configured if you choose so when adding a host, buy running: engine-config -g IPTablesConfig You can also customize this by setting the config key IPTablesConfigSiteCustom, which is empty by default. >> >> pd. selinux=disabled, firewalld=enabled firewalld is not supported yet for hosts, see this: https://bugzilla.redhat.com/show_bug.cgi?id=995362 > > > - We configure the firewall already for all required ports. Indeed, if you choose so, which is the default. Of course you can choose not to, and configure iptables by other means, thus also limiting access to specific address ranges etc. > - How is disabling selinux making anything more secure? Indeed...? Best, > Y. > >> Thanks for the help >> >> Rafael Almeida Orellana >> >> >> >> _______________________________________________ >> Users mailing list >> Users@ovirt.org >> http://lists.ovirt.org/mailman/listinfo/users >> > > > _______________________________________________ > Users mailing list > Users@ovirt.org > http://lists.ovirt.org/mailman/listinfo/users > -- Didi _______________________________________________ Users mailing list Users@ovirt.org http://lists.ovirt.org/mailman/listinfo/users
