We are trying to add the Zabbix client to our Xen Pool VMs and are running into a firewall issue on the hosts/hypervisors. No matter how we try to modify iptables, our changes are just ignored after a restart of iptables.
The initial guide we tried to follow is here: https://share.zabbix.com/virtualization/citrix/citrix-xenserver-disk-and-memory
But since then I scoured the forums here on citrix.com to no avail. Can't find any documentation that explains where config for iptables lives.
# Anything modified here is simply ignored
# /etc/sysconfig/iptables
# sample configuration for iptables service
# you can edit this manually or use system-config-firewall
# please do not ask us to add additional ports/services to this default configuration
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
# Zabbix
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 10500 -j ACCEPT
-A RH-Firewall-1-INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 10500 -j ACCEPT
# DHCP for host internal networks (CA-6996)
-A RH-Firewall-1-INPUT -p udp -m udp --dport 67 --in-interface xenapi -j ACCEPT
-A RH-Firewall-1-INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Linux HA heartbeat (CA-9394)
-A RH-Firewall-1-INPUT -m conntrack --ctstate NEW -m udp -p udp --dport 694 -j ACCEPT
-A RH-Firewall-1-INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 443 -j ACCEPT
# dlm
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 21064 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m multiport --dports 5404,5405 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
Any suggestions would be appreciated.
Thank you.
PS:
Alternatively, if we can't use Zabbix, SNMP fallback could work.
We are mostly looking to monitor just the physical aspects of the host servers: local storage space, uptime, load, drive status.
Question
Nick Gorbikoff
Hello.
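A way to confirm the symptom described in the question, as an added example that is not part of the original post: it compares the rules in a saved file such as /etc/sysconfig/iptables with `iptables-save` output and lists the file rules that are absent from the running ruleset. The function names and both sample inputs are constructed for illustration, and the fingerprint covers only the match options used in the posted file.

```python
import shlex

# Long options mapped to the short forms that iptables-save prints.
ALIASES = {"--protocol": "-p", "--in-interface": "-i", "--jump": "-j"}
# Single-argument options that make up a rule's fingerprint; -m is implied by them.
KEYED = {"-p", "-i", "-j", "--dport", "--dports", "--ctstate", "--icmp-type"}

def parse_rules(text):
    """Map fingerprint -> original line for every -A rule in iptables-save format."""
    rules, table = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("*"):          # table header, e.g. *filter
            table = line[1:]
        if not line.startswith("-A "):    # skip comments, chain policies, COMMIT
            continue
        tok = shlex.split(line)
        fields = set()
        for i, t in enumerate(tok[:-1]):
            opt = ALIASES.get(t, t)
            if opt in KEYED:
                # Sort comma lists so ESTABLISHED,RELATED == RELATED,ESTABLISHED.
                fields.add((opt, ",".join(sorted(tok[i + 1].split(",")))))
        rules[(table, tok[1], frozenset(fields))] = line
    return rules

def missing_from_live(file_text, live_text):
    """Rules present in the config file but absent from the running ruleset."""
    live = parse_rules(live_text)
    return [line for key, line in parse_rules(file_text).items() if key not in live]

# Constructed sample: two rules taken from the posted file ...
FILE_SAMPLE = """*filter
:RH-Firewall-1-INPUT - [0:0]
-A RH-Firewall-1-INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 10500 -j ACCEPT
-A RH-Firewall-1-INPUT -m conntrack --ctstate NEW -m tcp -p tcp --dport 22 -j ACCEPT
COMMIT
"""
# ... and constructed `iptables-save` output in which only the SSH rule was loaded.
LIVE_SAMPLE = """*filter
:RH-Firewall-1-INPUT - [0:0]
-A RH-Firewall-1-INPUT -p tcp -m conntrack --ctstate NEW -m tcp --dport 22 -j ACCEPT
COMMIT
"""

if __name__ == "__main__":
    for rule in missing_from_live(FILE_SAMPLE, LIVE_SAMPLE):
        print("not loaded:", rule)
```

On a host, pass the contents of the edited file and the captured output of `iptables-save` in place of the two samples; any rule reported was written to the file but is not in the ruleset the kernel is enforcing.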