Bug 488751 - Incorrect iptables rules documented in Section 2.2.3 of Cluster Administration guide Cluster_Administration(EN)-5 (2008-12-12T10:53)
Incorrect iptables rules documented in Section 2.2.3 of Cluster Administratio...
Status: CLOSED DEFERRED
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: Documentation-cluster (Show other bugs)
5.3
All Linux
low Severity medium
: rc
: ---
Assigned To: Paul Kennedy
Content Services Development
: Documentation
: 502863 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2009-03-05 11:38 EST by Brian Likosar
Modified: 2015-04-19 20:47 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-05-27 12:11:05 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Revised content fixing the bug. (116.35 KB, application/pdf)
2009-05-27 17:00 EDT, Paul Kennedy
no flags Details

  None (edit)
Description Brian Likosar 2009-03-05 11:38:39 EST
Description of problem:
Rules given as an example in Section 2.2.3 of Cluster Administration Guide Cluster_Administration(EN)-5 (2008-12-12T10:53) are incorrect and do not work as documented.

Version-Release number of selected component (if applicable):
Cluster_Administration(EN)-5 (2008-12-12T10:53)

How reproducible:
Everytime

Steps to Reproduce:
1.  Follow Cluster Administration Guide up to step 2.2.3 but do not disable built-in firewall (iptables)
2.  Using examples in 2.2.3, apply firewall exceptions as documented

  
Actual results:
Cluster will not start, all nodes report unable to connect on provided ports

Expected results:
Cluster should start and communicate via appropriate ports while leaving iptables enforcing other network restrictions

Additional info:
Suggested fix is to remove the "-i IP addr" portion, which is a valid command (does not error after entering), but also does not allow packets to pass through.
Comment 3 Paul Kennedy 2009-05-27 11:44:29 EDT
*** Bug 502863 has been marked as a duplicate of this bug. ***
Comment 4 Paul Kennedy 2009-05-27 12:11:05 EDT
Examples have been removed for the RHEL 5.4 release. Updated documentation will be published with the RHEL 5.4 release, which will serve as documentation for all versions of this product under RHEL 5.
Comment 5 Paul Kennedy 2009-05-27 17:00:15 EDT
Created attachment 345680 [details]
Revised content fixing the bug. 

This attachment shows changes made to fix bug.

Note You need to log in before you can comment on or make changes to this bug.