[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Port binding restriction




----- Original Message -----
> From: "Diego Spinola Castro" <spinolacastro gmail com>
> To: dev lists openshift redhat com
> Sent: Thursday, September 26, 2013 3:12:59 PM
> Subject: Port binding restriction
> 
> 
> 
> Hi guys, i found a thread about no restrictions on port binding on
> origin.
> I've found this scripts
> https://github.com/openshift/openshift-extras/tree/master and wanna
> know how is the admin instructions, as far as i could see it creates
> a huge iptables rules list and the other one does something on
> selinux.

Oh hey, that's new. Thanks Rob :)

> Should i run it once? every gear creation? how is that works?

Those security scripts create static rules that cover every possible gear that will be created, so they only need to be run once.

Since this arose out of the OpenShift Online configuration, there *may* be some assumptions in there that are broken if your config is substantially different from that environment. That's presumably why it's in extras at the moment. Nothing jumps out at me as causing problems though.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]