Red Hat Bugzilla – Bug 488751
Incorrect iptables rules documented in Section 2.2.3 of Cluster Administration guide Cluster_Administration(EN)-5 (2008-12-12T10:53)
Last modified: 2015-04-19 20:47:37 EDT
Description of problem:
Rules given as an example in Section 2.2.3 of Cluster Administration Guide Cluster_Administration(EN)-5 (2008-12-12T10:53) are incorrect and do not work as documented.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Follow Cluster Administration Guide up to step 2.2.3 but do not disable built-in firewall (iptables)
2. Using examples in 2.2.3, apply firewall exceptions as documented
Cluster will not start, all nodes report unable to connect on provided ports
Cluster should start and communicate via appropriate ports while leaving iptables enforcing other network restrictions
Suggested fix is to remove the "-i IP addr" portion, which is a valid command (does not error after entering), but also does not allow packets to pass through.
*** Bug 502863 has been marked as a duplicate of this bug. ***
Examples have been removed for the RHEL 5.4 release. Updated documentation will be published with the RHEL 5.4 release, which will serve as documentation for all versions of this product under RHEL 5.
Created attachment 345680 [details]
Revised content fixing the bug.
This attachment shows changes made to fix bug.