<div dir="ltr">Is the fwaas_driver configured correctly?</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Dec 11, 2013 at 6:42 AM, Remo Mattei <span dir="ltr"><<a href="mailto:remo@mattei.org" target="_blank">remo@mattei.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto"><div>What are you trying to do? <br><br><div>Inviato da iPhone (<span style="background-color:rgba(255,255,255,0)">)</span></div>
</div><div><br>Il giorno Dec 11, 2013, alle ore 3:02, "<a href="mailto:trinath.somanchi@freescale.com" target="_blank">trinath.somanchi@freescale.com</a>" <<a href="mailto:trinath.somanchi@freescale.com" target="_blank">trinath.somanchi@freescale.com</a>> ha scritto:<br>
<br></div><blockquote type="cite"><div>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Hi-<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">I have a Network <a href="http://12.12.12.0/24" target="_blank">12.12.12.0/24</a> connected to a router (router1)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">I have got the neutron based chains in iptables too..<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain INPUT (policy ACCEPT 451K packets, 126M bytes)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 413K 119M neutron-openvswi-INPUT all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">48090 14M nova-compute-INPUT all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 262K 75M nova-network-INPUT all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 264K 76M nova-api-INPUT all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT udp -- virbr0 * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> udp dpt:53<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT tcp -- virbr0 * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> tcp dpt:53<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT udp -- virbr0 * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> udp dpt:67<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT tcp -- virbr0 * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> tcp dpt:67<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain FORWARD (policy ACCEPT 18 packets, 2855 bytes)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 22 4189 neutron-filter-top all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 22 4189 neutron-openvswi-FORWARD all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 18 2855 nova-filter-top all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 nova-compute-FORWARD all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 nova-network-FORWARD all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 nova-api-FORWARD all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT all -- * virbr0 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://192.168.122.0/24" target="_blank">192.168.122.0/24</a> ctstate RELATED,ESTABLISHED<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT all -- virbr0 * <a href="http://192.168.122.0/24" target="_blank">192.168.122.0/24</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT all -- virbr0 virbr0 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 REJECT all -- * virbr0 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> reject-with icmp-port-unreachable<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 REJECT all -- virbr0 * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> reject-with icmp-port-unreachable<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain OUTPUT (policy ACCEPT 450K packets, 124M bytes)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 413K 116M neutron-filter-top all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 413K 116M neutron-openvswi-OUTPUT all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 450K 124M nova-filter-top all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">49273 14M nova-compute-OUTPUT all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 263K 77M nova-network-OUTPUT all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 265K 77M nova-api-OUTPUT all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain neutron-filter-top (2 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 413K 116M neutron-openvswi-local all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain neutron-openvswi-FORWARD (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 2 706 neutron-openvswi-sg-chain all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> PHYSDEV match --physdev-out tap761426aa-f9 --physdev-is-bridged<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 2 628 neutron-openvswi-sg-chain all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> PHYSDEV match --physdev-in tap761426aa-f9 --physdev-is-bridged<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain neutron-openvswi-INPUT (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 neutron-openvswi-o761426aa-f all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> PHYSDEV match --physdev-in tap761426aa-f9 --physdev-is-bridged<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain neutron-openvswi-OUTPUT (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain neutron-openvswi-i761426aa-f (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 DROP all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> state INVALID<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 RETURN all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> state RELATED,ESTABLISHED<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 2 706 RETURN udp -- * * 12.12.12.3 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> udp spt:67 dpt:68<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 neutron-openvswi-sg-fallback all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain neutron-openvswi-local (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain neutron-openvswi-o761426aa-f (2 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 2 628 RETURN udp -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> udp spt:68 dpt:67<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 neutron-openvswi-s761426aa-f all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 DROP udp -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> udp spt:67 dpt:68<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 DROP all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> state INVALID<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 RETURN all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> state RELATED,ESTABLISHED<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 RETURN all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 neutron-openvswi-sg-fallback all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain neutron-openvswi-s761426aa-f (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 RETURN all -- * * 12.12.12.2 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> MAC FA:16:3E:35:F9:57<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 DROP all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain neutron-openvswi-sg-chain (2 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 2 706 neutron-openvswi-i761426aa-f all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> PHYSDEV match --physdev-out tap761426aa-f9 --physdev-is-bridged<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 2 628 neutron-openvswi-o761426aa-f all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> PHYSDEV match --physdev-in tap761426aa-f9 --physdev-is-bridged<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 4 1334 ACCEPT all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain neutron-openvswi-sg-fallback (2 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 DROP all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-api-FORWARD (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-api-INPUT (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT tcp -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> 10.10.10.100 tcp dpt:8775<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-api-OUTPUT (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-api-local (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-compute-FORWARD (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT udp -- * * 0.0.0.0 255.255.255.255 udp spt:68 dpt:67<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-compute-INPUT (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 2 628 ACCEPT udp -- * * 0.0.0.0 255.255.255.255 udp spt:68 dpt:67<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-compute-OUTPUT (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-compute-inst-26 (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 DROP all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> state INVALID<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> state RELATED,ESTABLISHED<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 nova-compute-provider all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT udp -- * * 12.12.12.3 <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> udp spt:67 dpt:68<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 nova-compute-sg-fallback all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-compute-local (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 nova-compute-inst-26 all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> 12.12.12.2
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-compute-provider (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-compute-sg-fallback (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 DROP all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-filter-top (2 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">49273 14M nova-compute-local all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 263K 77M nova-network-local all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 265K 77M nova-api-local all -- * * <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a>
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-network-FORWARD (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-network-INPUT (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-network-OUTPUT (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-network-local (1 references)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">But then there are chain with name “</span>neutron-l3-agent”
<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Is there anything am I missing ?<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Kindly guide me in this regard.<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">--<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Trinath Somanchi - B39208<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#548dd4">trinath.somanchi@</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#548dd4">freescale</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#548dd4">.com</span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">
| extn: 4048<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p>
<div style="border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-left:.5in"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
</span><span lang="ZH-CN" style="font-size:10.0pt">郭龙仓</span><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> [<a href="mailto:guolongcang.work@gmail.com" target="_blank">mailto:guolongcang.work@gmail.com</a>]
<br>
<b>Sent:</b> Wednesday, December 11, 2013 2:16 PM<br>
<b>To:</b> Somanchi Trinath-B39208<br>
<b>Cc:</b> <a href="mailto:openstack@lists.openstack.org" target="_blank">openstack@lists.openstack.org</a><br>
<b>Subject:</b> Re: [Openstack] [FWaaS] Doubts with FWaaS<u></u><u></u></span></p>
</div>
<p class="MsoNormal" style="margin-left:.5in"><u></u> <u></u></p>
<div>
<p class="MsoNormal" style="margin-left:.5in">well , maybe you can show me your tenant network topology.<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-right:0in;margin-bottom:12.0pt;margin-left:.5in">
<u></u> <u></u></p>
<div>
<p class="MsoNormal" style="margin-left:.5in">2013/12/11 <a href="mailto:trinath.somanchi@freescale.com" target="_blank">
trinath.somanchi@freescale.com</a> <<a href="mailto:trinath.somanchi@freescale.com" target="_blank">trinath.somanchi@freescale.com</a>><u></u><u></u></p>
<div>
<div>
<p class="MsoNormal" style="margin-left:.5in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Yes..
</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:.5in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">I have controller + network + compute node in a single machine.</span><u></u><u></u></p>
<div>
<p class="MsoNormal" style="margin-left:.5in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:.5in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">--</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:.5in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Trinath Somanchi - B39208</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:.5in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#548dd4"><a href="mailto:trinath.somanchi@freescale.com" target="_blank">trinath.somanchi@freescale.com</a></span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> | extn:
4048</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:.5in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
</div>
<div style="border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-left:1.0in">
<b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
</span><span lang="ZH-CN" style="font-size:10.0pt">郭龙仓</span><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> [mailto:<a href="mailto:guolongcang.work@gmail.com" target="_blank">guolongcang.work@gmail.com</a>]
<br>
<b>Sent:</b> Wednesday, December 11, 2013 2:08 PM</span><u></u><u></u></p>
<div>
<div>
<p class="MsoNormal" style="margin-left:.5in"><br>
<b>To:</b> Somanchi Trinath-B39208<br>
<b>Cc:</b> <a href="mailto:openstack@lists.openstack.org" target="_blank">openstack@lists.openstack.org</a><br>
<b>Subject:</b> Re: [Openstack] [FWaaS] Doubts with FWaaS<u></u><u></u></p>
</div>
</div>
</div>
<div>
<div>
<p class="MsoNormal" style="margin-left:1.0in">
<u></u><u></u></p>
<div>
<p class="MsoNormal" style="margin-left:1.0in">
all-in-one deploy ? <span style="font-size:10.5pt;font-family:"Arial","sans-serif"">qr-{xxx} device is created on the network node .</span><u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt;margin-left:1.0in">
<u></u><u></u></p>
<div>
<p class="MsoNormal" style="margin-left:1.0in">
2013/12/11 <a href="mailto:trinath.somanchi@freescale.com" target="_blank">trinath.somanchi@freescale.com</a> <<a href="mailto:trinath.somanchi@freescale.com" target="_blank">trinath.somanchi@freescale.com</a>><u></u><u></u></p>
<div>
<div>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Hi-</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">I have the following chains in the iptables.</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">root@havana:~# iptables -L -n -v</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain INPUT (policy ACCEPT 6021 packets, 474K bytes)</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 5921 465K nova-api-INPUT all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">
0.0.0.0/0</a> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT udp -- virbr0 *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">
0.0.0.0/0</a> udp dpt:53</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT tcp -- virbr0 *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> tcp dpt:53</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT udp -- virbr0 *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">
0.0.0.0/0</a> udp dpt:67</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT tcp -- virbr0 *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">
0.0.0.0/0</a> tcp dpt:67</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 nova-filter-top all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">
0.0.0.0/0</a> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 nova-api-FORWARD all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">
0.0.0.0/0</a> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT all -- * virbr0
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://192.168.122.0/24" target="_blank">
192.168.122.0/24</a> ctstate RELATED,ESTABLISHED</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT all -- virbr0 * <a href="http://192.168.122.0/24" target="_blank">192.168.122.0/24</a>
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT all -- virbr0 virbr0
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">
0.0.0.0/0</a> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 REJECT all -- * virbr0
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">
0.0.0.0/0</a> reject-with icmp-port-unreachable</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 REJECT all -- virbr0 *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">
0.0.0.0/0</a> reject-with icmp-port-unreachable</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain OUTPUT (policy ACCEPT 6746 packets, 462K bytes)</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 6614 452K nova-filter-top all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">
0.0.0.0/0</a> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 6614 452K nova-api-OUTPUT all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">
0.0.0.0/0</a> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-api-FORWARD (1 references)</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-api-INPUT (1 references)</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 0 0 ACCEPT tcp -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> 10.10.10.100 tcp dpt:8775</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-api-OUTPUT (1 references)</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-api-local (1 references)</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">Chain nova-filter-top (2 references)</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d">pkts bytes target prot opt in out source destination
</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:Consolas;color:#1f497d"> 6614 452K nova-api-local all -- * *
<a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> <a href="http://0.0.0.0/0" target="_blank">
0.0.0.0/0</a></span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">I find none with the names suggested below. Am I missing any of the configurations required.
</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Kindly help me in this regard.</span><u></u><u></u></p>
<div>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">--</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Trinath Somanchi - B39208</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#548dd4"><a href="mailto:trinath.somanchi@freescale.com" target="_blank">trinath.somanchi@freescale.com</a></span><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">
| extn: 4048</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.0in">
<span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span><u></u><u></u></p>
</div>
<div style="border:none;border-top:solid #b5c4df 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-left:1.5in">
<b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
</span><span lang="ZH-CN" style="font-size:10.0pt">郭龙仓</span><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> [mailto:<a href="mailto:guolongcang.work@gmail.com" target="_blank">guolongcang.work@gmail.com</a>]
<br>
<b>Sent:</b> Wednesday, December 11, 2013 1:46 PM<br>
<b>To:</b> Somanchi Trinath-B39208<br>
<b>Cc:</b> <a href="mailto:openstack@lists.openstack.org" target="_blank">openstack@lists.openstack.org</a><br>
<b>Subject:</b> Re: [Openstack] [FWaaS] Doubts with FWaaS</span><u></u><u></u></p>
</div>
<div>
<div>
<p class="MsoNormal" style="margin-left:1.5in">
<u></u><u></u></p>
<div>
<p class="MsoNormal" style="margin-left:1.5in">
FWaaS is implemented through iptables on qr-{xxx} device , one inbound chain named like neutron-l3-agent-iv{xxx} and one outbound chain named like neutron-l3-agent-ov{xxx} . <u></u><u></u></p>
<div>
<p class="MsoNormal" style="margin-left:1.5in">
<u></u><u></u></p>
</div>
<div>
<p class="MsoNormal" style="margin-left:1.5in">
You can check the qr-{xxx} device's iptables rules.<u></u><u></u></p>
</div>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt;margin-left:1.5in">
<u></u><u></u></p>
<div>
<p class="MsoNormal" style="margin-left:1.5in">
2013/12/11 <a href="mailto:trinath.somanchi@freescale.com" target="_blank">trinath.somanchi@freescale.com</a> <<a href="mailto:trinath.somanchi@freescale.com" target="_blank">trinath.somanchi@freescale.com</a>><u></u><u></u></p>
<div>
<div>
<p class="MsoNormal" style="margin-left:1.5in">
Hi stackers-<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
I have configured FWaas with Neutron.<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
Also, I have created a simple firewall rule, added the same to a policy and created a firewall with this policy from CLI<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
The firewall is in ERROR state.<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
The rules and the policies were added to the DB. <u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
How do I debug to find the error. Also, will these rules be added to the iptables?
<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
Help be troubleshoot and understand the same.<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
--<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
Trinath Somanchi - B39208<u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
<span style="color:#548dd4"><a href="mailto:trinath.somanchi@freescale.com" target="_blank">trinath.somanchi@freescale.com</a></span><span style="color:#888888"> | extn: 4048</span><u></u><u></u></p>
<p class="MsoNormal" style="margin-left:1.5in">
<span style="color:#888888"> </span><u></u><u></u></p>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt;margin-left:1.5in">
<br>
_______________________________________________<br>
Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>
Post to : <a href="mailto:openstack@lists.openstack.org" target="_blank">openstack@lists.openstack.org</a><br>
Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><u></u><u></u></p>
</div>
<p class="MsoNormal" style="margin-left:1.5in">
<u></u><u></u></p>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal" style="margin-left:1.0in">
<u></u><u></u></p>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal" style="margin-left:.5in"><u></u> <u></u></p>
</div>
</div>
!DSPAM:2,52a84b75265441149516157!
</div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a></span><br>
<span>Post to : <a href="mailto:openstack@lists.openstack.org" target="_blank">openstack@lists.openstack.org</a></span><br><span>Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a></span><br>
<span></span><br><span></span><br><span>!DSPAM:2,52a84b75265441149516157!</span><br></div></blockquote></div><br>_______________________________________________<br>
Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>
Post to : <a href="mailto:openstack@lists.openstack.org">openstack@lists.openstack.org</a><br>
Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>
<br></blockquote></div><br></div>