Bug 488751 – Incorrect iptables rules documented in Section 2.2.3 of Cluster Administration guide Cluster_Administration(EN)-5 (2008-12-12T10:53)

Bug 488751 - Incorrect iptables rules documented in Section 2.2.3 of Cluster Administration guide Cluster_Administration(EN)-5 (2008-12-12T10:53)

Summary:	Incorrect iptables rules documented in Section 2.2.3 of Cluster Administratio...

Status:	CLOSED DEFERRED

Aliases:	None

Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	Documentation-cluster (Show other bugs)
Sub Component:
Version:	5.3
Hardware:	All Linux

Priority	low Severity medium
Target Milestone:	rc
Target Release:	---
Assigned To:	Paul Kennedy
QA Contact:	Content Services Development
Docs Contact:

URL:
Whiteboard:
Keywords:	Documentation

Duplicates:	502863 (view as bug list)
Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2009-03-05 11:38 EST by Brian Likosar
Modified:	2015-04-19 20:47 EDT (History)
CC List:	3 users (show)

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2009-05-27 12:11:05 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Revised content fixing the bug. (116.35 KB, application/pdf) 2009-05-27 17:00 EDT, Paul Kennedy	no flags	Details
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Brian Likosar 2009-03-05 11:38:39 EST

Description of problem:
Rules given as an example in Section 2.2.3 of Cluster Administration Guide Cluster_Administration(EN)-5 (2008-12-12T10:53) are incorrect and do not work as documented.

Version-Release number of selected component (if applicable):
Cluster_Administration(EN)-5 (2008-12-12T10:53)

How reproducible:
Everytime

Steps to Reproduce:
1.  Follow Cluster Administration Guide up to step 2.2.3 but do not disable built-in firewall (iptables)
2.  Using examples in 2.2.3, apply firewall exceptions as documented

  
Actual results:
Cluster will not start, all nodes report unable to connect on provided ports

Expected results:
Cluster should start and communicate via appropriate ports while leaving iptables enforcing other network restrictions

Additional info:
Suggested fix is to remove the "-i IP addr" portion, which is a valid command (does not error after entering), but also does not allow packets to pass through.

Comment 3 Paul Kennedy 2009-05-27 11:44:29 EDT

*** Bug 502863 has been marked as a duplicate of this bug. ***

Comment 4 Paul Kennedy 2009-05-27 12:11:05 EDT

Examples have been removed for the RHEL 5.4 release. Updated documentation will be published with the RHEL 5.4 release, which will serve as documentation for all versions of this product under RHEL 5.

Comment 5 Paul Kennedy 2009-05-27 17:00:15 EDT

Created attachment 345680 [details]
Revised content fixing the bug. 

This attachment shows changes made to fix bug.

Note You need to log in before you can comment on or make changes to this bug.