<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">can you share your security groups rules?<br class=""><div><blockquote type="cite" class=""><div class="">On Mar 13, 2016, at 20:56, Adhi Priharmanto <<a href="mailto:adhi.pri@gmail.com" class="">adhi.pri@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">Hi all, <br class=""><br class="">I had Openstack Kilo installed on my lab, for Compute Hypervisor I use XenServer 6.5, and networking Using Neutron OVS. For Controller, Network, and Compute node I'm using Ubuntu 14.04.<div class=""><br class=""></div><div class="">My problem was Security Groups rules doesn't applied to the instance that created. For example, there is no rule for SSH port 22 in security group i defined to the instance, but instance with floating IP able to login by ssh from external network.</div><div class=""><br class="">I've already add this option on my nova.conf</div><div class=""><br class=""></div><div class="">firewall_driver=nova.virt.xenapi.firewall.Dom0IptablesFirewallDriver<br class=""></div><div class=""><br class=""></div><div class="">and also defined firewall_driver on my ml2_conf.ini at Controller, Network, and Compute node</div><div class=""><br class=""></div><div class=""><div class="">[ovs]</div><div class="">enable_security_group = True</div><div class="">enable_ipset = True</div><div class="">firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver</div></div><div class=""><br class=""></div><div class="">can somebody help me with this problem ?</div><div class=""><br class=""></div><div class=""><br class=""></div><div class="">-- <br class=""><div class="gmail_signature"><div dir="ltr" class=""><div class=""><div dir="ltr" class=""><div class=""><font size="2" class=""><span style="font-family:'trebuchet ms',sans-serif" class="">Cheers,</span><br style="font-family:'trebuchet ms',sans-serif" class=""><br class=""></font><table border="0" cellpadding="0" cellspacing="0" style="margin:0px;padding:0px;border:0px;outline:0px;font-size:14px;font-family:proxima-nova-1,proxima-nova-2,Tahoma,Helvetica,Verdana,sans-serif;vertical-align:baseline;border-spacing:0px;color:rgb(51,51,51);line-height:18.2px" class=""><tbody style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline" class=""><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline" class=""><td style="padding:0px;border:0px;outline:0px;font-style:inherit;font-size:0px;font-family:inherit;vertical-align:baseline;width:auto;height:30px" class=""> </td></tr><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline" class=""><td style="padding:0px;border:0px;outline:0px;font-style:inherit;font-family:inherit;vertical-align:baseline;width:auto" class=""><div style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;line-height:0" class=""><a href="http://about.me/a_dhi?promo=email_sig" style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;color:rgb(58,169,233);text-decoration:none;display:inline-block" target="_blank" class=""><table border="0" cellpadding="0" cellspacing="0" style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;border-spacing:0px" class=""><tbody style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline" class=""><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline" class=""><td align="left" valign="top" style="padding:0px;border:0px;outline:0px;font-style:inherit;font-family:inherit;vertical-align:top;width:auto;line-height:1" class=""><img alt="--" width="0" height="0" style="margin: 0px; padding: 0px; border: 0px; outline: 0px; font-weight: inherit; font-style: inherit; font-family: inherit; vertical-align: baseline; display: block; width: 0px; height: 0px; overflow: hidden;" class=""><div style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:bold;font-style:inherit;font-size:18px;font-family:proxima-nova-1,Proxima-Nova,Helvetica,Arial,sans-serif;vertical-align:baseline;line-height:1;color:rgb(51,51,51)" class="">Adhi Priharmanto</div><div style="margin:3px 0px 0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:proxima-nova-1,Proxima-Nova,Helvetica,Arial,sans-serif;vertical-align:baseline;color:rgb(43,130,173)" class=""><img alt="http://" width="0" height="0" style="margin: 0px; padding: 0px; border: 0px; outline: 0px; font-weight: inherit; font-style: inherit; font-family: inherit; vertical-align: baseline; display: block; width: 0px; height: 0px; overflow: hidden;" class="">about.me/a_dhi</div></td></tr><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline" class=""><td align="left" valign="top" style="padding:8px 0px 0px;border:0px;outline:0px;font-style:inherit;font-family:inherit;vertical-align:top;width:auto;line-height:1" class=""><div style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;text-align:right;height:4px;background-color:rgb(197,208,224)" class=""><img src="http://d13pix9kaak6wt.cloudfront.net/signature/colorbar.png" alt="" width="88" height="4" style="margin: 0px; padding: 0px; border: 0px; outline: 0px; font-weight: inherit; font-style: inherit; font-family: inherit; vertical-align: baseline; float: right; display: block;" class=""></div></td></tr></tbody></table></a>                               </div></td></tr><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline" class=""><td style="padding:0px;border:0px;outline:0px;font-style:inherit;font-size:0px;font-family:inherit;vertical-align:baseline;width:auto;height:20px" class=""></td></tr></tbody></table><font size="2" class=""><span style="font-family:'trebuchet ms',sans-serif" class=""><br class=""></span></font></div><div class=""><font size="2" class=""><span style="font-family:'trebuchet ms',sans-serif" class=""><br class=""></span></font></div></div></div></div></div>
</div></div>


!DSPAM:1,56e639a818092205511520!
_______________________________________________<br class="">Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" class="">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br class="">Post to     : <a href="mailto:openstack@lists.openstack.org" class="">openstack@lists.openstack.org</a><br class="">Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" class="">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br class=""><br class=""><br class="">!DSPAM:1,56e639a818092205511520!<br class=""></div></blockquote></div><br class=""></body></html>