[Ovirt-devel] [PATCH node] remove libvirt port from default iptables configuration
Mike Burns
mburns at redhat.com
Wed Jul 27 18:48:44 UTC 2011
rhbz#715296
Signed-off-by: Mike Burns <mburns at redhat.com>
---
recipe/ovirt16-post.ks | 4 ----
recipe/rhevh6-post.ks | 4 ----
2 files changed, 0 insertions(+), 8 deletions(-)
diff --git a/recipe/ovirt16-post.ks b/recipe/ovirt16-post.ks
index 4c9ffd0..0229201 100644
--- a/recipe/ovirt16-post.ks
+++ b/recipe/ovirt16-post.ks
@@ -98,8 +98,6 @@ cat > /etc/sysconfig/iptables << \EOF
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-# libvirt
--A INPUT -p tcp --dport 16509 -j ACCEPT
# libvirt-cim
-A INPUT -p tcp --dport 5989 -j ACCEPT
# SSH
@@ -125,8 +123,6 @@ cat > /etc/sysconfig/ip6tables << \EOF
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-# libvirt
--A INPUT -p tcp --dport 16509 -j ACCEPT
# libvirt-cim
-A INPUT -p tcp --dport 5989 -j ACCEPT
# SSH
diff --git a/recipe/rhevh6-post.ks b/recipe/rhevh6-post.ks
index 95880f8..91db02f 100644
--- a/recipe/rhevh6-post.ks
+++ b/recipe/rhevh6-post.ks
@@ -166,8 +166,6 @@ cat > /etc/sysconfig/iptables << \EOF
-A INPUT -i lo -j ACCEPT
# vdsm
-A INPUT -p tcp --dport 54321 -j ACCEPT
-# libvirt
--A INPUT -p tcp --dport 16509 -j ACCEPT
# libvirt-cim
-A INPUT -p tcp --dport 5989 -j ACCEPT
# SSH
@@ -193,8 +191,6 @@ cat > /etc/sysconfig/ip6tables << \EOF
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-# libvirt
--A INPUT -p tcp --dport 16509 -j ACCEPT
# libvirt-cim
-A INPUT -p tcp --dport 5989 -j ACCEPT
# SSH
--
1.7.6
More information about the ovirt-devel
mailing list