# Generated by iptables-save v1.4.21 on Tue Apr 23 03:42:47 2019
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -m comment --comment "000 accept related established rules ipv4" -j ACCEPT
-A INPUT -p icmp -m state --state NEW -m comment --comment "001 accept all icmp ipv4" -j ACCEPT
-A INPUT -i lo -m state --state NEW -m comment --comment "002 accept all to lo interface ipv4" -j ACCEPT
-A INPUT -s 192.168.24.0/24 -p tcp -m multiport --dports 22 -m state --state NEW -m comment --comment "003 accept ssh from controlplane ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 873,3123,3306,4444,4567,4568,9200 -m state --state NEW -m comment --comment "104 mysql galera-bundle ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 3124,6379,26379 -m state --state NEW -m comment --comment "108 redis-bundle ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 3122,4369,5672,25672 -m state --state NEW -m comment --comment "109 rabbitmq-bundle ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 5000,13000,35357 -m state --state NEW -m comment --comment "111 keystone ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 9292,13292 -m state --state NEW -m comment --comment "112 glance_api ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 8774,13774 -m state --state NEW -m comment --comment "113 nova_api ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 9696,13696 -m state --state NEW -m comment --comment "114 neutron api ipv4" -j ACCEPT
-A INPUT -p udp -m multiport --dports 4789 -m state --state NEW -m comment --comment "118 neutron vxlan networks ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 8776,13776 -m state --state NEW -m comment --comment "119 cinder ipv4" -j ACCEPT
-A INPUT -p udp -m multiport --dports 6081 -m state --state NEW -m comment --comment "119 neutron geneve networks ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 3260 -m state --state NEW -m comment --comment "120 iscsi initiator ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 6641,6642 -m state --state NEW -m comment --comment "121 OVN DB server ports ipv4" -j ACCEPT
-A INPUT -s 172.17.0.0/24 -p tcp -m multiport --dports 11211 -m state --state NEW -m comment --comment "121 memcached 172.17.0.0/24 ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 8080,13808 -m state --state NEW -m comment --comment "122 swift proxy ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 873,6000,6001,6002 -m state --state NEW -m comment --comment "123 swift storage ipv4" -j ACCEPT
-A INPUT -s 192.168.24.0/24 -p udp -m multiport --dports 161 -m state --state NEW -m comment --comment "124 snmp 192.168.24.0/24 ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 8004,13004 -m state --state NEW -m comment --comment "125 heat_api ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 8000,13800 -m state --state NEW -m comment --comment "125 heat_cfn ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -m state --state NEW -m comment --comment "126 horizon ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -m state --state NEW -m comment --comment "127 horizon ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 2224,3121,21064 -m state --state NEW -m comment --comment "130 pacemaker tcp ipv4" -j ACCEPT
-A INPUT -p udp -m multiport --dports 5405 -m state --state NEW -m comment --comment "131 pacemaker udp ipv4" -j ACCEPT
-A INPUT -p tcp -m multiport --dports 6080,13080 -m state --state NEW -m comment --comment "137 nova_vnc_proxy ipv4" -j ACCEPT
-A INPUT -m state --state NEW -m limit --limit 20/min --limit-burst 15 -m comment --comment "998 log all ipv4" -j LOG
COMMIT
# Completed on Tue Apr 23 03:42:47 2019