Fix iptables chain name used for UI forwarding
The chain IN_public_allow does not exist, which breaks the undercloud deployment. Therefore changing it to the default INPUT chain, and doing an insert to make sure the rules are executed before a final DROP/REJECT rule on systems running firewalld. Closes-Bug: 1699453 Change-Id: I32ce9ab5d7d8a4aa113d5f4f9ad95ea76ea8fc61
This commit is contained in:
parent
1071bf4066
commit
f1178da112
|
@ -345,7 +345,8 @@
|
||||||
# - name: ensure the required tcp ports are open on the virthost
|
# - name: ensure the required tcp ports are open on the virthost
|
||||||
- iptables:
|
- iptables:
|
||||||
table: filter
|
table: filter
|
||||||
chain: IN_public_allow
|
chain: INPUT
|
||||||
|
action: insert
|
||||||
protocol: tcp
|
protocol: tcp
|
||||||
match: tcp
|
match: tcp
|
||||||
ctstate: NEW
|
ctstate: NEW
|
||||||
|
|
Loading…
Reference in New Issue