[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Rdo-list] http server problem with openstack



New iptables -nL (for computer B)

Chain INPUT (policy ACCEPT)
target     prot opt source               destination        
ACCEPT     tcp  --  192.168.0.20         0.0.0.0/0            multiport dports 5671,5672 /* 001 amqp incoming amqp_192.168.0.20 */
ACCEPT     tcp  --  192.168.0.19         0.0.0.0/0            multiport dports 5666 /* 001 nagios-nrpe incoming nagios_nrpe */
ACCEPT     udp  --  192.168.0.19         0.0.0.0/0            multiport dports 4789 /* 001 neutron tunnel port incoming neutron_tunnel_192.168.0.20_192.168.0.19 */
ACCEPT     tcp  --  192.168.0.19         0.0.0.0/0            multiport dports 5900:5999 /* 001 nova compute incoming nova_compute */
ACCEPT     tcp  --  192.168.0.20         0.0.0.0/0            multiport dports 16509,49152:49215 /* 001 nova qemu migration incoming nova_qemu_migration_192.168.0.20_192.168.0.20 */
ACCEPT     tcp  --  192.168.0.21         0.0.0.0/0            multiport dports 16509,49152:49215 /* 001 nova qemu migration incoming nova_qemu_migration_192.168.0.20_192.168.0.21 */
ACCEPT     tcp  --  192.168.0.22         0.0.0.0/0            multiport dports 16509,49152:49215 /* 001 nova qemu migration incoming nova_qemu_migration_192.168.0.20_192.168.0.22 */
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:53
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:67
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:67
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0          
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0          
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:22
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        
ACCEPT     all  --  0.0.0.0/0            192.168.122.0/24     ctstate RELATED,ESTABLISHED
ACCEPT     all  --  192.168.122.0/24     0.0.0.0/0          
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0          
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination


One more question, I'm on Centos7 using openstack juno:

When starting firewalld, (service firewalld start) iptable stopped.
Similarly, when iptables starts (service iptables start), firewalld gets stopped.



On Sat, Mar 28, 2015 at 7:49 PM, Vedsar Kushwaha <vedsarkushwaha gmail com> wrote:
I'm using curl to access to the HTTPSEEVER.

python -m SimpleHTTPServer 30001


iptables -nL

target     prot opt source               destination        
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0          
INPUT_direct  all  --  0.0.0.0/0            0.0.0.0/0          
INPUT_ZONES_SOURCE  all  --  0.0.0.0/0            0.0.0.0/0          
INPUT_ZONES  all  --  0.0.0.0/0            0.0.0.0/0          
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0          
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination        
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0          
FORWARD_direct  all  --  0.0.0.0/0            0.0.0.0/0          
FORWARD_IN_ZONES_SOURCE  all  --  0.0.0.0/0            0.0.0.0/0          
FORWARD_IN_ZONES  all  --  0.0.0.0/0            0.0.0.0/0          
FORWARD_OUT_ZONES_SOURCE  all  --  0.0.0.0/0            0.0.0.0/0          
FORWARD_OUT_ZONES  all  --  0.0.0.0/0            0.0.0.0/0          
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0          
REJECT     all  --  0.0.0.0/0            0.0.0.0/0            reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination        
OUTPUT_direct  all  --  0.0.0.0/0            0.0.0.0/0          

Chain FORWARD_IN_ZONES (1 references)
target     prot opt source               destination        
FWDI_public  all  --  0.0.0.0/0            0.0.0.0/0           [goto]
FWDI_public  all  --  0.0.0.0/0            0.0.0.0/0           [goto]

Chain FORWARD_IN_ZONES_SOURCE (1 references)
target     prot opt source               destination        

Chain FORWARD_OUT_ZONES (1 references)
target     prot opt source               destination        
FWDO_public  all  --  0.0.0.0/0            0.0.0.0/0           [goto]
FWDO_public  all  --  0.0.0.0/0            0.0.0.0/0           [goto]

Chain FORWARD_OUT_ZONES_SOURCE (1 references)
target     prot opt source               destination        

Chain FORWARD_direct (1 references)
target     prot opt source               destination        

Chain FWDI_public (2 references)
target     prot opt source               destination        
FWDI_public_log  all  --  0.0.0.0/0            0.0.0.0/0          
FWDI_public_deny  all  --  0.0.0.0/0            0.0.0.0/0          
FWDI_public_allow  all  --  0.0.0.0/0            0.0.0.0/0          

Chain FWDI_public_allow (1 references)
target     prot opt source               destination        

Chain FWDI_public_deny (1 references)
target     prot opt source               destination        

Chain FWDI_public_log (1 references)
target     prot opt source               destination        

Chain FWDO_public (2 references)
target     prot opt source               destination        
FWDO_public_log  all  --  0.0.0.0/0            0.0.0.0/0          
FWDO_public_deny  all  --  0.0.0.0/0            0.0.0.0/0          
FWDO_public_allow  all  --  0.0.0.0/0            0.0.0.0/0          

Chain FWDO_public_allow (1 references)
target     prot opt source               destination        

Chain FWDO_public_deny (1 references)
target     prot opt source               destination        

Chain FWDO_public_log (1 references)
target     prot opt source               destination        

Chain INPUT_ZONES (1 references)
target     prot opt source               destination        
IN_public  all  --  0.0.0.0/0            0.0.0.0/0           [goto]
IN_public  all  --  0.0.0.0/0            0.0.0.0/0           [goto]

Chain INPUT_ZONES_SOURCE (1 references)
target     prot opt source               destination        

Chain INPUT_direct (1 references)
target     prot opt source               destination        

Chain IN_public (2 references)
target     prot opt source               destination        
IN_public_log  all  --  0.0.0.0/0            0.0.0.0/0          
IN_public_deny  all  --  0.0.0.0/0            0.0.0.0/0          
IN_public_allow  all  --  0.0.0.0/0            0.0.0.0/0          

Chain IN_public_allow (1 references)
target     prot opt source               destination        
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22 ctstate NEW

Chain IN_public_deny (1 references)
target     prot opt source               destination        

Chain IN_public_log (1 references)
target     prot opt source               destination        

Chain OUTPUT_direct (1 references)
target     prot opt source               destination

On Sat, Mar 28, 2015 at 6:57 PM, Marius Cornea <marius remote-lab net> wrote:
iptables -nL ?

Also it's not clear to me when you get the 'No route to host' message.
How are you trying to access it?

On Sat, Mar 28, 2015 at 2:23 PM, Vedsar Kushwaha
<vedsarkushwaha gmail com> wrote:
> firewall is disable on all computers :)
>
> Redirecting to /bin/systemctl status  firewalld.service
> firewalld.service - firewalld - dynamic firewall daemon
>    Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled)
>    Active: inactive (dead)
>
>
> On Sat, Mar 28, 2015 at 6:35 PM, Marius Cornea <marius remote-lab net>
> wrote:
>>
>> Hi,
>>
>> It sounds to me like a firewall issue. Please check the firewall rules
>> on computer B and make sure you allow HTTP access from the clients.
>>
>> Tnx,
>> Marius
>>
>> On Sat, Mar 28, 2015 at 1:43 PM, Vedsar Kushwaha
>> <vedsarkushwaha gmail com> wrote:
>> > I installed openstack --allinone on one computer (Say A).
>> >
>> > Then, I added two more compute nodes(Say B and C) on this.
>> >
>> > Everything is working fine.
>> >
>> > But now, for some other reason I want to start HTTPServer on computer B
>> > and
>> > access it from computer X and Y which are different from A,B & C.
>> >
>> > Now after running HTTPServer on computer B, I'm not able to access it
>> > from
>> > computer X and Y.
>> > Giving Error 'No route to host'
>> >
>> > Although from computer B, I can access HTTPServer of computer B.
>> >
>> >
>> > Please help.
>> >
>> > --
>> > Vedsar Kushwaha
>> > M.Tech-Computational Science
>> > Indian Institute of Science
>> >
>> > _______________________________________________
>> > Rdo-list mailing list
>> > Rdo-list redhat com
>> > https://www.redhat.com/mailman/listinfo/rdo-list
>> >
>> > To unsubscribe: rdo-list-unsubscribe redhat com
>
>
>
>
> --
> Vedsar Kushwaha
> M.Tech-Computational Science
> Indian Institute of Science



--
Vedsar Kushwaha
M.Tech-Computational Science
Indian Institute of Science



--
Vedsar Kushwaha
M.Tech-Computational Science
Indian Institute of Science

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]