# Generated by iptables-save v1.4.7 on Wed Feb 26 10:40:35 2014
*mangle
:PREROUTING ACCEPT [41932:75903055]
:INPUT ACCEPT [39239:75691822]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [38652:15680606]
:POSTROUTING ACCEPT [38652:15680606]
:nova-api-POSTROUTING - [0:0]
-A POSTROUTING -j nova-api-POSTROUTING 
COMMIT
# Completed on Wed Feb 26 10:40:35 2014
# Generated by iptables-save v1.4.7 on Wed Feb 26 10:40:35 2014
*nat
:PREROUTING ACCEPT [2726:213062]
:POSTROUTING ACCEPT [3736:284253]
:OUTPUT ACCEPT [3736:284253]
:nova-api-OUTPUT - [0:0]
:nova-api-POSTROUTING - [0:0]
:nova-api-PREROUTING - [0:0]
:nova-api-float-snat - [0:0]
:nova-api-snat - [0:0]
:nova-postrouting-bottom - [0:0]
-A PREROUTING -j nova-api-PREROUTING 
-A POSTROUTING -j nova-api-POSTROUTING 
-A POSTROUTING -j nova-postrouting-bottom 
-A OUTPUT -j nova-api-OUTPUT 
-A nova-api-snat -j nova-api-float-snat 
-A nova-postrouting-bottom -j nova-api-snat 
COMMIT
# Completed on Wed Feb 26 10:40:35 2014
# Generated by iptables-save v1.4.7 on Wed Feb 26 10:40:35 2014
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [7479:3820195]
:nova-api-FORWARD - [0:0]
:nova-api-INPUT - [0:0]
:nova-api-OUTPUT - [0:0]
:nova-api-local - [0:0]
:nova-filter-top - [0:0]
-A INPUT -p tcp -m multiport --dports 8777 -m comment --comment "001 ceilometer-api incoming ALL" -j ACCEPT 
-A INPUT -j nova-api-INPUT 
-A INPUT -s 10.16.11.25/32 -p tcp -m multiport --dports 3260,8776 -m comment --comment "001 cinder incoming 10.16.11.25" -j ACCEPT 
-A INPUT -p tcp -m multiport --dports 80 -m comment --comment "001 horizon incoming" -j ACCEPT 
-A INPUT -p tcp -m multiport --dports 9292 -m comment --comment "001 glance incoming ALL" -j ACCEPT
-A INPUT -i lo -p tcp -m multiport --dports 27017 -m comment --comment "001 mongodb incoming localhost" -j ACCEPT 
-A INPUT -p tcp -m multiport --dports 5000,35357 -m comment --comment "001 keystone incoming ALL" -j ACCEPT 
-A INPUT -s 10.16.11.24/32 -p tcp -m multiport --dports 3306 -m comment --comment "001 mysql incoming 10.16.11.24" -j ACCEPT 
-A INPUT -s 10.16.11.25/32 -p tcp -m multiport --dports 3306 -m comment --comment "001 mysql incoming 10.16.11.25" -j ACCEPT 
-A INPUT -p tcp -m multiport --dports 80 -m comment --comment "001 nagios incoming" -j ACCEPT 
-A INPUT -s 10.16.11.27/32 -p tcp -m multiport --dports 5666 -m comment --comment "001 nagios-nrpe incoming 10.16.11.27" -j ACCEPT 
-A INPUT -s 10.16.11.27/32 -p tcp -m multiport --dports 3306 -m comment --comment "001 mysql incoming 10.16.11.27" -j ACCEPT 
-A INPUT -p tcp -m multiport --dports 6080 -m comment --comment "001 novncproxy incoming" -j ACCEPT 
-A INPUT -p tcp -m multiport --dports 8773,8774,8775 -m comment --comment "001 novaapi incoming" -j ACCEPT 
-A INPUT -s 10.16.11.24/32 -p tcp -m multiport --dports 5671,5672 -m comment --comment "001 qpid incoming 10.16.11.24" -j ACCEPT 
-A INPUT -s 10.16.11.25/32 -p tcp -m multiport --dports 5671,5672 -m comment --comment "001 qpid incoming 10.16.11.25" -j ACCEPT 
-A INPUT -p tcp -m multiport --dports 8080 -m comment --comment "001 swift proxy incoming" -j ACCEPT 
-A INPUT -s 10.16.11.25/32 -p tcp -m multiport --dports 6000,6001,6002,873 -m comment --comment "001 swift storage and rsync incoming 10.16.11.25" -j ACCEPT 
-A INPUT -s 10.16.11.27/32 -p tcp -m multiport --dports 6000,6001,6002,873 -m comment --comment "001 swift storage and rsync incoming 10.16.11.27" -j ACCEPT 
-A INPUT -s 10.16.11.27/32 -p tcp -m multiport --dports 5671,5672 -m comment --comment "001 qpid incoming 10.16.11.27" -j ACCEPT 
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A INPUT -p icmp -j ACCEPT 
-A INPUT -i lo -j ACCEPT 
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT 
-A INPUT -j REJECT --reject-with icmp-host-prohibited 
-A FORWARD -j nova-filter-top 
-A FORWARD -j nova-api-FORWARD 
-A FORWARD -j REJECT --reject-with icmp-host-prohibited 
-A OUTPUT -j nova-filter-top 
-A OUTPUT -j nova-api-OUTPUT 
-A nova-api-INPUT -d 10.16.11.27/32 -p tcp -m tcp --dport 8775 -j ACCEPT 
-A nova-filter-top -j nova-api-local 
COMMIT
# Completed on Wed Feb 26 10:40:35 2014
