<div dir="ltr">here's my security groups list<div><br></div><div><div>#  neutron security-group-rule-list</div><div>+--------------------------------------+----------------+-----------+----------+------------------+--------------+</div><div>| id                                   | security_group | direction | protocol | remote_ip_prefix | remote_group |</div><div>+--------------------------------------+----------------+-----------+----------+------------------+--------------+</div><div>| 0d814f8a-fd79-4a86-8fb4-4d769fc8b28e | default        | egress    |          |                  |              |</div><div>| 12d1c7ea-1b42-417b-a620-e5a0bb10e7fd | default        | egress    |          |                  |              |</div><div>| 25de2b38-503b-47e1-8d73-a52e87425eba | default        | ingress   |          |                  | default      |</div><div>| 43fc5af3-1dd5-4276-8d05-9f79ce6c3743 | default        | egress    |          |                  |              |</div><div>| 5157d898-5cd4-48b8-8290-2159aebb82bf | default        | ingress   | icmp     | <a href="http://0.0.0.0/0">0.0.0.0/0</a>        |              |</div><div>| 7403a747-23cc-4a05-bec1-9f1fc0e56b78 | default        | ingress   |          |                  | default      |</div><div>| 968d51f4-b506-47bd-b450-9fb58f26979b | adhi           | egress    |          |                  |              |</div><div>| bda9e450-3560-449e-bf2b-22202eb8baf8 | adhi           | ingress   | icmp     | <a href="http://0.0.0.0/0">0.0.0.0/0</a>        |              |</div><div>| d24d311c-c6b8-4b94-9919-155e0e106dee | adhi           | egress    |          |                  |              |</div><div>| da9237b6-769d-4c0c-82be-1ee14e88a2c3 | default        | ingress   |          |                  | default      |</div><div>| f66c3883-b32e-4871-a5f2-a3b2bfc468bc | default        | ingress   |          |                  | default      |</div><div>| fd041a73-8c5b-4e14-8053-1ed7beabf448 | default        | egress    |          |                  |              |</div><div>+--------------------------------------+----------------+-----------+----------+------------------+--------------+</div></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Mar 15, 2016 at 2:17 AM, Remo Mattei <span dir="ltr"><<a href="mailto:remo@italy1.com" target="_blank">remo@italy1.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word">can you share your security groups rules?<br><div><blockquote type="cite"><div><div class="h5"><div>On Mar 13, 2016, at 20:56, Adhi Priharmanto <<a href="mailto:adhi.pri@gmail.com" target="_blank">adhi.pri@gmail.com</a>> wrote:</div><br></div></div><div><div><div class="h5"><div dir="ltr">Hi all, <br><br>I had Openstack Kilo installed on my lab, for Compute Hypervisor I use XenServer 6.5, and networking Using Neutron OVS. For Controller, Network, and Compute node I'm using Ubuntu 14.04.<div><br></div><div>My problem was Security Groups rules doesn't applied to the instance that created. For example, there is no rule for SSH port 22 in security group i defined to the instance, but instance with floating IP able to login by ssh from external network.</div><div><br>I've already add this option on my nova.conf</div><div><br></div><div>firewall_driver=nova.virt.xenapi.firewall.Dom0IptablesFirewallDriver<br></div><div><br></div><div>and also defined firewall_driver on my ml2_conf.ini at Controller, Network, and Compute node</div><div><br></div><div><div>[ovs]</div><div>enable_security_group = True</div><div>enable_ipset = True</div><div>firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver</div></div><div><br></div><div>can somebody help me with this problem ?</div><div><br></div><div><br></div><div>-- <br><div><div dir="ltr"><div><div dir="ltr"><div><font size="2"><span style="font-family:'trebuchet ms',sans-serif">Cheers,</span><br style="font-family:'trebuchet ms',sans-serif"><br></font><table border="0" cellpadding="0" cellspacing="0" style="margin:0px;padding:0px;border:0px;outline:0px;font-size:14px;font-family:proxima-nova-1,proxima-nova-2,Tahoma,Helvetica,Verdana,sans-serif;vertical-align:baseline;border-spacing:0px;color:rgb(51,51,51);line-height:18.2px"><tbody style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><td style="padding:0px;border:0px;outline:0px;font-style:inherit;font-size:0px;font-family:inherit;vertical-align:baseline;width:auto;height:30px"> </td></tr><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><td style="padding:0px;border:0px;outline:0px;font-style:inherit;font-family:inherit;vertical-align:baseline;width:auto"><div style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;line-height:0"><a href="http://about.me/a_dhi?promo=email_sig" style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;color:rgb(58,169,233);text-decoration:none;display:inline-block" target="_blank"><table border="0" cellpadding="0" cellspacing="0" style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;border-spacing:0px"><tbody style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><td align="left" valign="top" style="padding:0px;border:0px;outline:0px;font-style:inherit;font-family:inherit;vertical-align:top;width:auto;line-height:1"><img alt="--" width="0" height="0" style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;display:block;width:0px;min-height:0px;overflow:hidden"><div style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:bold;font-style:inherit;font-size:18px;font-family:proxima-nova-1,Proxima-Nova,Helvetica,Arial,sans-serif;vertical-align:baseline;line-height:1;color:rgb(51,51,51)">Adhi Priharmanto</div><div style="margin:3px 0px 0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:proxima-nova-1,Proxima-Nova,Helvetica,Arial,sans-serif;vertical-align:baseline;color:rgb(43,130,173)"><img alt="http://" width="0" height="0" style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;display:block;width:0px;min-height:0px;overflow:hidden">about.me/a_dhi</div></td></tr><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><td align="left" valign="top" style="padding:8px 0px 0px;border:0px;outline:0px;font-style:inherit;font-family:inherit;vertical-align:top;width:auto;line-height:1"><div style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;text-align:right;min-height:4px;background-color:rgb(197,208,224)"><img src="http://d13pix9kaak6wt.cloudfront.net/signature/colorbar.png" alt="" width="88" height="4" style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;float:right;display:block"></div></td></tr></tbody></table></a>                                 </div></td></tr><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><td style="padding:0px;border:0px;outline:0px;font-style:inherit;font-size:0px;font-family:inherit;vertical-align:baseline;width:auto;height:20px"></td></tr></tbody></table><font size="2"><span style="font-family:'trebuchet ms',sans-serif"><br></span></font></div><div><font size="2"><span style="font-family:'trebuchet ms',sans-serif"><br></span></font></div></div></div></div></div>
</div></div></div></div>


!DSPAM:1,56e639a818092205511520!
_______________________________________________<span class=""><br>Mailing list: <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br>Post to     : <a href="mailto:openstack@lists.openstack.org" target="_blank">openstack@lists.openstack.org</a><br>Unsubscribe : <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack</a><br><br><br></span>!DSPAM:1,56e639a818092205511520!<br></div></blockquote></div><br></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><font size="2"><span style="font-family:trebuchet ms,sans-serif">Cheers,</span><br style="font-family:trebuchet ms,sans-serif"><br></font><table border="0" cellpadding="0" cellspacing="0" style="margin:0px;padding:0px;border:0px;outline:0px;font-size:14px;font-family:proxima-nova-1,proxima-nova-2,Tahoma,Helvetica,Verdana,sans-serif;vertical-align:baseline;border-spacing:0px;color:rgb(51,51,51);line-height:18.2000007629395px"><tbody style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><td style="padding:0px;border:0px;outline:0px;font-style:inherit;font-size:0px;font-family:inherit;vertical-align:baseline;width:auto;height:30px"> </td></tr><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><td style="padding:0px;border:0px;outline:0px;font-style:inherit;font-family:inherit;vertical-align:baseline;width:auto"><div style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;line-height:0"><a href="http://about.me/a_dhi?promo=email_sig" style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;color:rgb(58,169,233);text-decoration:none;display:inline-block" target="_blank"><table border="0" cellpadding="0" cellspacing="0" style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;border-spacing:0px"><tbody style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><td align="left" valign="top" style="padding:0px;border:0px;outline:0px;font-style:inherit;font-family:inherit;vertical-align:top;width:auto;line-height:1"><img alt="--" width="0" height="0" style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;display:block;width:0px;height:0px;overflow:hidden"><div style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:bold;font-style:inherit;font-size:18px;font-family:proxima-nova-1,Proxima-Nova,Helvetica,Arial,sans-serif;vertical-align:baseline;line-height:1;color:rgb(51,51,51)">Adhi Priharmanto</div><div style="margin:3px 0px 0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-size:12px;font-family:proxima-nova-1,Proxima-Nova,Helvetica,Arial,sans-serif;vertical-align:baseline;color:rgb(43,130,173)"><img alt="http://" width="0" height="0" style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;display:block;width:0px;height:0px;overflow:hidden">about.me/a_dhi</div></td></tr><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><td align="left" valign="top" style="padding:8px 0px 0px;border:0px;outline:0px;font-style:inherit;font-family:inherit;vertical-align:top;width:auto;line-height:1"><div style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;text-align:right;height:4px;background-color:rgb(197,208,224)"><img src="http://d13pix9kaak6wt.cloudfront.net/signature/colorbar.png" alt="" width="88" height="4" style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline;float:right;display:block"></div></td></tr></tbody></table></a>                                </div></td></tr><tr style="margin:0px;padding:0px;border:0px;outline:0px;font-weight:inherit;font-style:inherit;font-family:inherit;vertical-align:baseline"><td style="padding:0px;border:0px;outline:0px;font-style:inherit;font-size:0px;font-family:inherit;vertical-align:baseline;width:auto;height:20px"></td></tr></tbody></table><font size="2"><span style="font-family:trebuchet ms,sans-serif">+62-812-82121584<br></span></font></div><div><font size="2"><span style="font-family:trebuchet ms,sans-serif"><br></span></font></div></div></div></div></div>
</div>