Firewall rule RH-Firewall-1-INPUT does not exist, please configure iptables
908246 Dec 30 2011 — edited Dec 30 2011
Environment:
Oracle Linux 6.2
Oracle VM 3.0.2
Question: Is there an issue with the procedure or the createOracle.sh script with regard to opening ports?
Also, can anyone provide a better set of instructions than "/etc/init.d/iptables stop", which is my temporary solution :)
Procedure:
1) After running the createOracle.sh script I receive the following error:
"Firewall rule RH-Firewall-1-INPUT does not exist, please configure iptables manually."
2) After installing OVM I receive the following warning:
"Warning : unable to verify management console port 7001 (http)"
"Warning : unable to verify management console port 7002 (https)"
3) Attempting to access http://host:7001/ovm/console fails due to firewall (assumed)
[root@ovm /]# netstat -an | grep 7001
tcp 0 0 ::1:7001 :::* LISTEN
tcp 0 0 ::ffff:127.0.0.1:7001 :::* LISTEN
tcp 0 0 ::ffff:19x.xxx.xxx.61:7001 :::* LISTEN
tcp 0 0 fe80::250:56ff:feab:4e:7001 :::* LISTEN
[root@ovm /]# iptables -L -n -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
3684 696K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
35 3721 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
9 627 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 3725 packets, 700K bytes)
pkts bytes target prot opt in out source destination
[root@ovm /]# /cdrom/createOracle.sh
Adding group 'oinstall' with gid '54323' ...
groupadd: group 'oinstall' already exists
Adding group 'dba'
groupadd: group 'dba' already exists
Adding user 'oracle' with user id '54322', initial login group 'dba', supplementary group 'oinstall' and home directory '/home/oracle' ...
User 'oracle' already exists ...
uid=54321(oracle) gid=54322(dba) groups=54322(dba),54321(oinstall)
Creating user 'oracle' succeeded ...
Verifying user 'oracle' OS prerequisites for Oracle VM Manager ...
oracle soft nofile 8192
oracle hard nofile 8192
oracle soft nproc 4096
oracle hard nproc 4096
oracle soft core unlimited
oracle hard core unlimited
Setting user 'oracle' OS limits for Oracle VM Manager ...
Altered file /etc/security/limits.conf
Original file backed up at /etc/security/limits.conf.orabackup
Verifying & setting of user limits succeeded ...
Modifying iptables for rule RH-Firewall-1-INPUT(default)
Adding rules to enable access to :
7001 : Oracle VM Manager http
7002 : Oracle VM Manager https
15901 : Oracle VM Manager VM console proxy
54321 : Oracle VM Manager core
Firewall rule RH-Firewall-1-INPUT does not exist, please configure iptables manually.
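
Added example (not part of the original post and not Oracle's script): the `iptables -L` listing above has no `RH-Firewall-1-INPUT` chain, only `INPUT` ending in a catch-all REJECT, so the four ports that createOracle.sh lists have to be accepted in `INPUT` ahead of that REJECT instead of stopping the firewall. The function names and the sample listing are constructed for illustration; the script prints the commands for review and does not run them.

```shell
#!/bin/sh
# Added example: print (not run) the iptables commands that open the Oracle VM
# Manager ports ahead of the catch-all REJECT rule in the INPUT chain.

OVM_PORTS="7001 7002 15901 54321"   # ports listed by createOracle.sh in the post

# Reads `iptables -L INPUT -n --line-numbers` output on stdin and prints the
# rule number of the first REJECT/DROP rule, or nothing if there is none.
first_reject_line() {
    awk '$1 ~ /^[0-9]+$/ && ($2 == "REJECT" || $2 == "DROP") { print $1; exit }'
}

# Reads the same listing on stdin and prints one iptables command per port.
ovm_rules() {
    pos=$(first_reject_line)
    for port in $OVM_PORTS; do
        if [ -n "$pos" ]; then
            # Insert above the REJECT; a rule appended after it would never match.
            echo "iptables -I INPUT $pos -m state --state NEW -m tcp -p tcp --dport $port -j ACCEPT"
            pos=$((pos + 1))   # keep the new rules in port order, still above REJECT
        else
            echo "iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport $port -j ACCEPT"
        fi
    done
}

# Constructed sample mirroring the INPUT chain shown in the post.
SAMPLE_LISTING='Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited'

# On the real host (as root): iptables -L INPUT -n --line-numbers | ovm_rules
# Review the printed commands, run them, then persist with: service iptables save
printf '%s\n' "$SAMPLE_LISTING" | ovm_rules
```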