Fix iptables chain name used for UI forwarding

The chain IN_public_allow does not exist, which breaks the undercloud deployment. Therefore changing it to the default INPUT chain, and doing an insert to make sure the rules are executed before a final DROP/REJECT rule on systems running firewalld. Closes-Bug: 1699453 Change-Id: I32ce9ab5d7d8a4aa113d5f4f9ad95ea76ea8fc61
2017-06-21 10:54:36 +02:00 · 2017-06-21 10:54:36 +02:00 · f1178da112
parent 1071bf4066
commit f1178da112
1 changed files with 2 additions and 1 deletions
--- a/roles/libvirt/setup/undercloud/tasks/main.yml
+++ b/roles/libvirt/setup/undercloud/tasks/main.yml
@ -345,7 +345,8 @@
 #  - name: ensure the required tcp ports are open on the virthost
  - iptables:
      table: filter
-      chain: IN_public_allow
+      chain: INPUT
+      action: insert
      protocol: tcp
      match: tcp
      ctstate: NEW