Fuel for OpenStack

some iptables rules doubles on master node

Bug #1342616 reported by Stanislaw Bogatkin on 2014-07-16

This bug report is a duplicate of: Bug #1331807: [library] bootstrap_admin_node.sh doesn't change iptables rules.. Edit Remove

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Fuel for OpenStack	Confirmed	High	Matthew Mosesohn	Fuel for OpenStack 5.1

Bug Description

{"build_id": "2014-07-15_02-19-18",
"ostf_sha": "9863db951a6e159f4fa6e6861c8331e1af069cf8",
"build_number": "320",
"auth_required": false,
"api": "1.0",
"nailgun_sha": "902cbb4ac4995a13dfaedb6a5111f177c1df9ab5",
"production": "docker",
"fuelmain_sha": "d12f4ac69a6299130b360e788b098c1f304b28c3",
"astute_sha": "18a6861ecf96e20ead17782ef4ea8d62e7449c14",
"feature_groups": ["mirantis"],
"release": "5.1",
"fuellib_sha": "b2caaea7b0a39f40ff08240da4dab81aaba6e29c"}

1. Create new environment (CentOS, simple mode)
2. Add controller, compute, cinder
3. Start deployment. It was successful
4. Reboot master node

Expect:
IPtables rules will stay intouched

Actual result:
some of iptables rules is doubled.

out from master node:

[root@nailgun ~]# iptables-save
# Generated by iptables-save v1.4.7 on Wed Jul 16 09:25:29 2014
*mangle
:PREROUTING ACCEPT [119801:21754006]
:INPUT ACCEPT [76590:7759719]
:FORWARD ACCEPT [43089:13959492]
:OUTPUT ACCEPT [93735:569578157]
:POSTROUTING ACCEPT [136822:583537473]
COMMIT
# Completed on Wed Jul 16 09:25:29 2014
# Generated by iptables-save v1.4.7 on Wed Jul 16 09:25:29 2014
*filter
:INPUT ACCEPT [1:240]
:FORWARD ACCEPT [1:328]
:OUTPUT ACCEPT [93697:569572627]
-A INPUT -m comment --comment "002 accept related established rules" -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m multiport --ports 22 -m comment --comment "005 ssh" -j ACCEPT
-A INPUT -i eth0 -p tcp -m multiport --ports 123 -m comment --comment "006 ntp" -j ACCEPT
-A INPUT -i eth0 -p udp -m multiport --ports 123 -m comment --comment "007 ntp_udp" -j ACCEPT
-A INPUT -p udp -m multiport --ports 162 -m comment --comment "008 snmp" -j ACCEPT
-A INPUT -p tcp -m multiport --ports 8000 -m comment --comment "009 nailgun_web" -j ACCEPT
-A INPUT -i docker0 -p tcp -m multiport --ports 8001 -m comment --comment "010 nailgun_internal" -j ACCEPT
-A INPUT -p tcp -m multiport --ports 8001 -m addrtype --src-type LOCAL -m comment --comment "011 nailgun_internal_local" -j ACCEPT
-A INPUT -p tcp -m multiport --ports 8001 -m comment --comment "012 nailgun_internal_block_ext" -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -m multiport --ports 5432 -m addrtype --src-type LOCAL -m comment --comment "013 postgres_local" -j ACCEPT
-A INPUT -i docker0 -p tcp -m multiport --ports 5432 -m comment --comment "014 postgres" -j ACCEPT
-A INPUT -p tcp -m multiport --ports 5432 -m comment --comment "015 postgres_block_ext" -j REJECT --reject-with icmp-port-unreachable
-A INPUT -i eth0 -p tcp -m multiport --ports 8777 -m comment --comment "020 ostf_admin" -j ACCEPT
-A INPUT -p tcp -m multiport --ports 8777 -m addrtype --src-type LOCAL -m comment --comment "021 ostf_local" -j ACCEPT
-A INPUT -p tcp -m multiport --ports 8777 -m comment --comment "022 ostf_block_ext" -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -m multiport --ports 873 -m comment --comment "023 rsync" -j ACCEPT
-A INPUT -i eth0 -p tcp -m multiport --ports 873 -m comment --comment "024 rsyslog" -j ACCEPT
-A INPUT -i eth0 -p tcp -m multiport --ports 4369,5672,15672,61613 -m comment --comment "040 rabbitmq_admin" -j ACCEPT
-A INPUT -p tcp -m multiport --ports 4369,5672,15672,61613 -m addrtype --src-type LOCAL -m comment --comment "041 rabbitmq_local" -j ACCEPT
-A INPUT -p tcp -m multiport --ports 4369,5672,15672,61613 -m comment --comment "042 rabbitmq_block_ext" -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -m multiport --ports 53 -m comment --comment "101 dns_tcp" -j ACCEPT
-A INPUT -p udp -m multiport --ports 53 -m comment --comment "102 dns_udp" -j ACCEPT
-A INPUT -p udp -m multiport --ports 67,68 -m comment --comment "103 dhcp" -j ACCEPT
-A INPUT -p udp -m multiport --ports 69 -m comment --comment "104 tftp" -j ACCEPT
-A INPUT -p tcp -m multiport --ports 3128 -m comment --comment "110 squidproxy" -j ACCEPT
-A INPUT -p tcp -m multiport --ports 80,443 -m comment --comment "111 cobbler_web" -j ACCEPT
-A INPUT -p tcp -m comment --comment "999 iptables denied" -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
-A FORWARD -d 172.17.0.12/32 ! -i docker0 -o docker0 -p udp -m udp --dport 514 -j ACCEPT
-A FORWARD -d 172.17.0.12/32 ! -i docker0 -o docker0 -p udp -m udp --dport 514 -j ACCEPT
-A FORWARD -d 172.17.0.12/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 514 -j ACCEPT
-A FORWARD -d 172.17.0.12/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 514 -j ACCEPT
-A FORWARD -d 172.17.0.12/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 25150 -j ACCEPT
-A FORWARD -d 172.17.0.12/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 25150 -j ACCEPT
-A FORWARD -i eth0 -o docker0 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A FORWARD -d 172.17.0.11/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8777 -j ACCEPT
-A FORWARD -d 172.17.0.11/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8777 -j ACCEPT
-A FORWARD -i eth0 -o docker0 -p udp -m state --state NEW -m udp --dport 514 -j ACCEPT
-A FORWARD -d 172.17.0.10/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8080 -j ACCEPT
-A FORWARD -d 172.17.0.10/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8000 -j ACCEPT
-A FORWARD -d 172.17.0.9/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 873 -j ACCEPT
-A FORWARD -d 172.17.0.9/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 873 -j ACCEPT
-A FORWARD -d 172.17.0.8/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 61613 -j ACCEPT
-A FORWARD -d 172.17.0.8/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 61613 -j ACCEPT
-A FORWARD -d 172.17.0.8/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5672 -j ACCEPT
-A FORWARD -d 172.17.0.8/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5672 -j ACCEPT
-A FORWARD -d 172.17.0.8/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 4369 -j ACCEPT
-A FORWARD -d 172.17.0.8/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 4369 -j ACCEPT
-A FORWARD -d 172.17.0.8/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 15672 -j ACCEPT
-A FORWARD -d 172.17.0.8/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 15672 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5432 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5432 -j ACCEPT
-A FORWARD -d 172.17.0.6/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8001 -j ACCEPT
-A FORWARD -d 172.17.0.6/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8001 -j ACCEPT
-A FORWARD -d 172.17.0.4/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5000 -j ACCEPT
-A FORWARD -d 172.17.0.4/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 35357 -j ACCEPT
-A FORWARD -i eth0 -o docker0 -p tcp -m state --state NEW -m tcp --dport 8000 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p udp -m udp --dport 69 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p udp -m udp --dport 69 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p udp -m udp --dport 53 -j ACCEPT
-A FORWARD -i eth0 -o docker0 -p tcp -m state --state NEW -m tcp --dport 514 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p udp -m udp --dport 53 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 443 -j ACCEPT
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A FORWARD -d 172.17.0.10/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5432 -j ACCEPT
-A FORWARD -d 172.17.0.10/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5432 -j ACCEPT
-A FORWARD -i eth0 -o docker0 -p udp -m state --state NEW -m udp --dport 514 -j ACCEPT
-A FORWARD -d 172.17.0.9/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8001 -j ACCEPT
-A FORWARD -d 172.17.0.9/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8001 -j ACCEPT
-A FORWARD -i eth0 -o docker0 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 61613 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 61613 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5672 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5672 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 4369 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 4369 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 15672 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 15672 -j ACCEPT
-A FORWARD -d 172.17.0.6/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8777 -j ACCEPT
-A FORWARD -d 172.17.0.6/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8777 -j ACCEPT
-A FORWARD -d 172.17.0.5/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8080 -j ACCEPT
-A FORWARD -d 172.17.0.5/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8000 -j ACCEPT
-A FORWARD -d 172.17.0.4/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5000 -j ACCEPT
-A FORWARD -d 172.17.0.4/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 35357 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p udp -m udp --dport 69 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p udp -m udp --dport 69 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p udp -m udp --dport 53 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p udp -m udp --dport 53 -j ACCEPT
-A FORWARD -i eth0 -o docker0 -p tcp -m state --state NEW -m tcp --dport 514 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 443 -j ACCEPT
-A FORWARD -i eth0 -o docker0 -p tcp -m state --state NEW -m tcp --dport 8000 -j ACCEPT
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A FORWARD -d 172.17.0.11/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -d 172.17.0.11/32 ! -i docker0 -o docker0 -p udp -m udp --dport 69 -j ACCEPT
-A FORWARD -d 172.17.0.11/32 ! -i docker0 -o docker0 -p udp -m udp --dport 69 -j ACCEPT
-A FORWARD -d 172.17.0.11/32 ! -i docker0 -o docker0 -p udp -m udp --dport 53 -j ACCEPT
-A FORWARD -d 172.17.0.11/32 ! -i docker0 -o docker0 -p udp -m udp --dport 53 -j ACCEPT
-A FORWARD -d 172.17.0.11/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 443 -j ACCEPT
-A FORWARD -i eth0 -o docker0 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
-A FORWARD -i eth0 -o docker0 -p tcp -m state --state NEW -m tcp --dport 8000 -j ACCEPT
-A FORWARD -d 172.17.0.10/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8080 -j ACCEPT
-A FORWARD -d 172.17.0.10/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8000 -j ACCEPT
-A FORWARD -d 172.17.0.9/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8777 -j ACCEPT
-A FORWARD -d 172.17.0.9/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8777 -j ACCEPT
-A FORWARD -d 172.17.0.8/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8001 -j ACCEPT
-A FORWARD -d 172.17.0.8/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 8001 -j ACCEPT
-A FORWARD -i eth0 -o docker0 -p udp -m state --state NEW -m udp --dport 514 -j ACCEPT
-A FORWARD -i eth0 -o docker0 -p tcp -m state --state NEW -m tcp --dport 514 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p udp -m udp --dport 514 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p udp -m udp --dport 514 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 514 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 514 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 25150 -j ACCEPT
-A FORWARD -d 172.17.0.7/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 25150 -j ACCEPT
-A FORWARD -d 172.17.0.5/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 873 -j ACCEPT
-A FORWARD -d 172.17.0.5/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 873 -j ACCEPT
-A FORWARD -d 172.17.0.4/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5000 -j ACCEPT
-A FORWARD -d 172.17.0.4/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 35357 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 61613 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 61613 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5672 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5672 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 4369 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 4369 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 15672 -j ACCEPT
-A FORWARD -d 172.17.0.3/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 15672 -j ACCEPT
-A FORWARD -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5432 -j ACCEPT
-A FORWARD -d 172.17.0.2/32 ! -i docker0 -o docker0 -p tcp -m tcp --dport 5432 -j ACCEPT
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
COMMIT
# Completed on Wed Jul 16 09:25:29 2014
# Generated by iptables-save v1.4.7 on Wed Jul 16 09:25:29 2014
*nat
:PREROUTING ACCEPT [24:2122]
:POSTROUTING ACCEPT [4:468]
:OUTPUT ACCEPT [6:856]
:DOCKER - [0:0]
-A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
-A POSTROUTING -s 10.108.0.0/24 -p tcp -m tcp --dport 8080 -j ACCEPT
-A POSTROUTING -s 10.108.0.0/24 -p udp -m udp --dport 514 -j ACCEPT
-A POSTROUTING -s 10.108.0.0/24 -p tcp -m tcp --dport 8000 -j ACCEPT
-A POSTROUTING -s 10.108.0.0/24 -p tcp -m tcp --dport 514 -j ACCEPT
-A POSTROUTING -s 172.17.0.0/16 ! -d 172.17.0.0/16 -j MASQUERADE
-A POSTROUTING -s 10.108.0.0/24 -p udp -m udp --dport 514 -j ACCEPT
-A POSTROUTING -s 10.108.0.0/24 -p tcp -m tcp --dport 8080 -j ACCEPT
-A POSTROUTING -s 10.108.0.0/24 -p tcp -m tcp --dport 514 -j ACCEPT
-A POSTROUTING -s 10.108.0.0/24 -p tcp -m tcp --dport 8000 -j ACCEPT
-A POSTROUTING -s 172.17.0.0/16 ! -d 172.17.0.0/16 -j MASQUERADE
-A POSTROUTING -s 10.108.0.0/24 -p tcp -m tcp --dport 8080 -j ACCEPT
-A POSTROUTING -s 10.108.0.0/24 -p tcp -m tcp --dport 8000 -j ACCEPT
-A POSTROUTING -s 10.108.0.0/24 -p udp -m udp --dport 514 -j ACCEPT
-A POSTROUTING -s 10.108.0.0/24 -p tcp -m tcp --dport 514 -j ACCEPT
-A POSTROUTING -s 172.17.0.0/16 ! -d 172.17.0.0/16 -j MASQUERADE
-A POSTROUTING -s 10.108.0.0/24 -o eth+ -p tcp -m comment --comment "004 forward_admin_net" -j MASQUERADE
-A POSTROUTING -s 172.17.0.0/16 ! -d 172.17.0.0/16 -j MASQUERADE
-A POSTROUTING -o docker0 -j MASQUERADE
-A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
-A DOCKER -p tcp -m tcp --dport 443 -j DNAT --to-destination 172.17.0.3:443
-A DOCKER -d 10.108.0.2/32 -p udp -m udp --dport 53 -j DNAT --to-destination 172.17.0.3:53
-A DOCKER -d 127.0.0.1/32 -p udp -m udp --dport 53 -j DNAT --to-destination 172.17.0.3:53
-A DOCKER -d 10.108.0.2/32 -p udp -m udp --dport 69 -j DNAT --to-destination 172.17.0.3:69
-A DOCKER -d 127.0.0.1/32 -p udp -m udp --dport 69 -j DNAT --to-destination 172.17.0.3:69
-A DOCKER -p tcp -m tcp --dport 80 -j DNAT --to-destination 172.17.0.3:80
-A DOCKER -p tcp -m tcp --dport 35357 -j DNAT --to-destination 172.17.0.4:35357
-A DOCKER -p tcp -m tcp --dport 5000 -j DNAT --to-destination 172.17.0.4:5000
-A DOCKER -d 10.108.0.2/32 -p tcp -m tcp --dport 8001 -j DNAT --to-destination 172.17.0.6:8001
-A DOCKER -d 127.0.0.1/32 -p tcp -m tcp --dport 8001 -j DNAT --to-destination 172.17.0.6:8001
-A DOCKER -d 10.108.0.2/32 -p tcp -m tcp --dport 5432 -j DNAT --to-destination 172.17.0.7:5432
-A DOCKER -d 127.0.0.1/32 -p tcp -m tcp --dport 5432 -j DNAT --to-destination 172.17.0.7:5432
-A DOCKER -d 10.108.0.2/32 -p tcp -m tcp --dport 15672 -j DNAT --to-destination 172.17.0.8:15672
-A DOCKER -d 127.0.0.1/32 -p tcp -m tcp --dport 15672 -j DNAT --to-destination 172.17.0.8:15672
-A DOCKER -d 10.108.0.2/32 -p tcp -m tcp --dport 4369 -j DNAT --to-destination 172.17.0.8:4369
-A DOCKER -d 127.0.0.1/32 -p tcp -m tcp --dport 4369 -j DNAT --to-destination 172.17.0.8:4369
-A DOCKER -d 10.108.0.2/32 -p tcp -m tcp --dport 5672 -j DNAT --to-destination 172.17.0.8:5672
-A DOCKER -d 127.0.0.1/32 -p tcp -m tcp --dport 5672 -j DNAT --to-destination 172.17.0.8:5672
-A DOCKER -d 10.108.0.2/32 -p tcp -m tcp --dport 61613 -j DNAT --to-destination 172.17.0.8:61613
-A DOCKER -d 127.0.0.1/32 -p tcp -m tcp --dport 61613 -j DNAT --to-destination 172.17.0.8:61613
-A DOCKER -d 10.108.0.2/32 -p tcp -m tcp --dport 873 -j DNAT --to-destination 172.17.0.9:873
-A DOCKER -d 127.0.0.1/32 -p tcp -m tcp --dport 873 -j DNAT --to-destination 172.17.0.9:873
-A DOCKER -p tcp -m tcp --dport 8000 -j DNAT --to-destination 172.17.0.10:8000
-A DOCKER -p tcp -m tcp --dport 8080 -j DNAT --to-destination 172.17.0.10:8080
-A DOCKER -d 10.108.0.2/32 -p tcp -m tcp --dport 8777 -j DNAT --to-destination 172.17.0.11:8777
-A DOCKER -d 127.0.0.1/32 -p tcp -m tcp --dport 8777 -j DNAT --to-destination 172.17.0.11:8777
-A DOCKER -d 10.108.0.2/32 -p tcp -m tcp --dport 25150 -j DNAT --to-destination 172.17.0.12:25150
-A DOCKER -d 127.0.0.1/32 -p tcp -m tcp --dport 25150 -j DNAT --to-destination 172.17.0.12:25150
-A DOCKER -d 10.108.0.2/32 -p tcp -m tcp --dport 514 -j DNAT --to-destination 172.17.0.12:514
-A DOCKER -d 127.0.0.1/32 -p tcp -m tcp --dport 514 -j DNAT --to-destination 172.17.0.12:514
-A DOCKER -d 10.108.0.2/32 -p udp -m udp --dport 514 -j DNAT --to-destination 172.17.0.12:514
-A DOCKER -d 127.0.0.1/32 -p udp -m udp --dport 514 -j DNAT --to-destination 172.17.0.12:514
COMMIT
# Completed on Wed Jul 16 09:25:29 2014
[root@nailgun ~]#

Revision history for this message

Stanislaw Bogatkin (sbogatkin) wrote on 2014-07-16:

fuel-snapshot-2014-07-16_10-20-34.tgz Edit (47.4 MiB, application/x-tar)

Matthew Mosesohn (raytrac3r) on 2014-07-16

Changed in fuel:
importance:	Undecided → Low
assignee:	Fuel Library Team (fuel-library) → Matthew Mosesohn (raytrac3r)
status:	New → Confirmed
importance:	Low → High

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #1331807 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

fuel-snapshot-2014-07-16_10-20-34.tgz Edit

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.