Bug 1266538 - "Automatically configure host firewall" option at the "Host Approval" window
"Automatically configure host firewall" option at the "Host Approval" window
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine (Show other bugs)
All Linux
high Severity high
: ovirt-4.0.0-rc
: 4.0.0
Assigned To: Eli Mesika
Petr Matyáš
Depends On: 1319708
  Show dependency treegraph
Reported: 2015-09-25 10:29 EDT by Alexandros Gkesos
Modified: 2017-03-30 09:30 EDT (History)
10 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2016-08-23 16:29:34 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: Infra
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

External Trackers
Tracker ID Priority Status Summary Last Updated
oVirt gerrit 47211 master ABANDONED webdmin: Allow override ip tables for ovirt-node Never
Red Hat Product Errata RHEA-2016:1743 normal SHIPPED_LIVE Red Hat Virtualization Manager 4.0 GA Enhancement (ovirt-engine) 2016-09-02 17:54:01 EDT

  None (edit)
Description Alexandros Gkesos 2015-09-25 10:29:45 EDT
Description of problem:
As described in Bug 1266530, the default Display Network port range on a newly installed RHEV-Hypervisor is 5634:6166 instead of 5900:6923.
When you "Add" the host, the port range is being replaced as in the "Add" window there is the option "Automatically configure host firewall"
But when you "Approve" a host the port range stays the same, as there is no such option.

Version-Release number of selected component:

How reproducible:

Steps to Reproduce:
1. Install and configure from Admin TUI a RHEV-Hypervisor
2. Check Display Network port range at iptables
3. Approve the Hypervisor from the Manager
4. Check Display Network port range again

or just a step 3. Check the Approval window for the missing option

We want "Automatically configure host firewall" option at Approval window
Comment 1 Moti Asayag 2015-10-21 04:55:38 EDT
Moving to 4.0 since updating IP tables rules for ovirt-node is not supported - hence exposing the parameter in the webadmin is useless.
Comment 2 Oved Ourfali 2016-03-15 04:11:14 EDT
Putting on Eli.
Eli - please add a dependency for this one on the next-gen-node work.
This will be fixed by that work, as the "approve" will no longer be relevant in next-gen-node.
Comment 3 Yaniv Lavi 2016-05-09 06:57:49 EDT
oVirt 4.0 Alpha has been released, moving to oVirt 4.0 Beta target.
Comment 6 Oved Ourfali 2016-05-25 10:02:17 EDT
As the approval process isn't relevant to next-gen-node, this is fixed in 4.0.
Comment 7 Pavol Brilla 2016-08-16 11:33:37 EDT
As the approval process isn't relevant to next-gen-node, this is fixed in 4.0.

Add Host -> Advanced Parameters -> Automatically configure host firewall

option is visible during add host which is only available for rhvh
Comment 8 Pavol Brilla 2016-08-16 11:34:19 EDT
Verified in rhevm 4.0.2-0.1.rc.el7ev
Comment 10 errata-xmlrpc 2016-08-23 16:29:34 EDT
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.