etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
cloudstack/patches/systemvm/debian/config/etc/iptables
History
Rohit Yadav dbe88c1ed3 CLOUDSTACK-417: Handle passwd-srvr securely on VR, port 8080 
By default do not enable port 8080 in iptables-router. Since, the socat
server which serves the password is in an infinite loop, any incorrect
attempt is returned bad_request and passwd-srvr won't break.

When /etc/init.d/cloud-passwd-srvr is started:
  - It finds and removes any old rules on port 8080, eth0
  - It applies iptables rule that accepts only traffic from private cidr.

When cloud-passwd-srvr is stopped:
  - It removes iptables rules on port 8080, eth0

Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
 		2012-10-26 21:37:32 +05:30
..
iptables-consoleproxy open port 3922 on correct eth device 2012-09-26 17:42:42 -07:00
iptables-elbvm Adding license headers to CS authored ip tables config files 2012-09-14 13:19:17 -04:00
iptables-router CLOUDSTACK-417: Handle passwd-srvr securely on VR, port 8080 2012-10-26 21:37:32 +05:30
iptables-secstorage open port 3922 on correct eth device 2012-09-26 17:42:42 -07:00
iptables-vpcrouter Adding license headers to CS authored ip tables config files 2012-09-14 13:19:17 -04:00
rt_tables_init Adding license headers to CS authored ip tables config files 2012-09-14 13:19:17 -04:00
rules Adding license headers to CS authored ip tables config files 2012-09-14 13:19:17 -04:00