Bug 1044280

Summary: my ssh port is 10809 in iptables, but after installation, changed to port 22 in iptables
Product: [Retired] oVirt Reporter: kronus
Component: ovirt-engine-installerAssignee: Alon Bar-Lev <alonbl>
Status: CLOSED EOL QA Contact:
Severity: medium Docs Contact:
Priority: unspecified    
Version: 4.0CC: acathrow, alonbl, iheim, kronus, yeylon
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard: infra
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-01-05 21:51:12 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Virt RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description kronus 2013-12-18 02:35:49 UTC 
Description of problem:

ssh port: 10809
iptables rules: 
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10809 -j ACCEPT

but after installation of ovirt, it modified iptables:
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT

so I can't ssh into this machine...

Version-Release number of selected component (if applicable):


How reproducible:
before modify the iptables, please read the real one, not empty all the iptables and write the default.

Steps to Reproduce:
1.write rules in iptables: -A INPUT -p tcp -m state --state NEW -m tcp --dport 10809 -j ACCEPT
2.run engine-setup, and confirm write firewall rules
3. after installation, cat /etc/sysconfig/iptables
4. -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT

Actual results:
 -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT


Expected results:
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10809 -j ACCEPT

Additional info:
Comment 1 Itamar Heim 2013-12-18 08:55:05 UTC 
well, the checkbox does say 'override firewall rules'...

I think this was fixed in:
commit c93c7e4bd7ea58cbe3af435c95871a061b57822c
Author: Alon Bar-Lev <alonbl>
Date:   Mon Oct 14 23:39:03 2013 +0300

    host-deploy: configure ssh port per port used to actual communications
    
    Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1018948
    Change-Id: I1b581f81ad3f11b22eb20b72d34a41fae47f18bc
    Signed-off-by: Alon Bar-Lev <alonbl>
Comment 2 Alon Bar-Lev 2013-12-18 10:08:18 UTC 
What version of product do you use? 4.0 is not valid...
Comment 3 Alon Bar-Lev 2014-01-05 21:51:12 UTC 
Hi,
Please reopen if you have more information.
Thanks!