StarlingX

ip6tables statistics not gathered by the collect tool

Bug #2071381 reported by Andre Kantek
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
Low
Andre Kantek

Bug Description

*+Brief Description+*

The collect tool does not gather the ip6tables (ipv6 firewall) statistics, only ipv4

*+Severity+*

<Minor: System/Feature is usable with minor issue>

*+Steps to Reproduce+*

Execute the collect tool and in the var/extra/sm.info you will only find the iptables statistics

{noformat}
--------------------------------------------------------------------
Wed 26 Jun 2024 12:16:14 PM UTC : controller-0 : iptables -nvL
--------------------------------------------------------------------
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
82079 20M cali-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0 /* cali:Cz_u1IQiXIMmKD4c */
32822 4619K KUBE-PROXY-FIREWALL all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW /* kubernetes load balancer firewall */
78407 19M KUBE-NODEPORTS all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes health check service ports */
32823 4619K KUBE-EXTERNAL-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW /* kubernetes externally-visible service portals */
78527 19M KUBE-FIREWALL all -- * * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
    0 0 cali-FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 /* cali:wUHhoiAYhphO9Mso */
    0 0 KUBE-PROXY-FIREWALL all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW /* kubernetes load balancer firewall */
    0 0 KUBE-FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes forwarding rules */
    0 0 KUBE-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW /* kubernetes service portals */
    0 0 KUBE-EXTERNAL-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate NEW /* kubernetes externally-visible service portals */
    0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 /* cali:S93hcgKJrXEqnTfs */ /* Policy explicitly accepted packet. */
    0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 /* cali:mp77cMpurHhyjLrM */ MARK or 0x10000

...
{noformat}

But the command ip6tables -nvL was not executed

*+Expected Behavior+*

IPv6 firewall statistics are collected

*+Actual Behavior+*

IPv6 firewall statistics not collected

Andre Kantek (akantek)
Changed in starlingx:
assignee: nobody → Andre Kantek (akantek)
OpenStack Infra (hudson-openstack)
Changed in starlingx:
status: New → In Progress
Revision history for this message
Ghada Khalil (gkhalil) wrote :

Code review: https://review.opendev.org/c/starlingx/ha/+/922969

tags: added: stx.10.0 stx.networking stx.tools
Changed in starlingx:
importance: Undecided → Low
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to ha (master)

Reviewed: https://review.opendev.org/c/starlingx/ha/+/922969
Committed: https://opendev.org/starlingx/ha/commit/de48edd316722c05b27d142b0899c4b67737fe19
Submitter: "Zuul (22348)"
Branch: master

commit de48edd316722c05b27d142b0899c4b67737fe19
Author: Andre Kantek <email address hidden>
Date: Thu Jun 27 15:28:08 2024 -0300

    Collect ip6tables for logging purposes

    Currently SM troubleshoot does not collect ip6tables statistics, only
    iptables. This change adds this information for debugging.

    Tesplan
    [PASS] execute "collect all" and check that the sm.info file contains
           the output of ip6tables -nvL

    Closes-Bug: 2071381

    Change-Id: I62dccf4a1c031449fa56ff9463857819e8bc79f9
    Signed-off-by: Andre Kantek <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.