Closed Bug 753234 Opened 11 years ago Closed 11 years ago

web2.stage.bugs.scl3.mozilla.com requires access to http, https and smtp

Categories

(Infrastructure & Operations Graveyard :: NetOps: DC ACL Request, task, P1)

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: glob, Assigned: cransom)

References

Details

since bugzilla-stage-tip was moved from sjc to scl3, it is no longer able to access the internet.

[bjones@web2 ~]$ hostname
web2.stage.bugs.scl3.mozilla.com
[bjones@web2 ~]$ telnet glob.com.au 80
Trying 110.173.227.153...
<timeout>

please allow web2.stage.bugs.scl3.mozilla.com to establish outgoing connections on :80, :443 and :25.

thanks
Blocks: 729992
Blocks: 706184
No longer blocks: 729992
Severity: major → normal
Priority: -- → P1
what kind of mail is web2 sending? we'll need to add specific static nat if this is user generated so that we don't end up black listing other ips.
Component: Server Operations: Netops → Server Operations: ACL Request
(In reply to casey ransom [:casey] from comment #1)
> what kind of mail is web2 sending? we'll need to add specific static nat if
> this is user generated so that we don't end up black listing other ips.

Similar mail to production bugzilla.mozilla.org. So the setup needs to be similar to production and be able to deliver email to the appropriate relay for testing purposes.

dkl
Assignee: network-operations → cransom
I added flows and a stage.bugs appropriate source NAT address. I'm assuming the appropriate relay you mention is an internet host rather than something internal as I don't see anything specific in phx1 for mail relay from bugzilla (but it might get inherited from other blanket rules), let me know if not the case.
[root@web2 ~]# curl ip.hubns.net/?raw
63.245.214.160
[root@web2 ~]# nc -vz mail.hubns.net 25
Connection to mail.hubns.net 25 port [tcp/smtp] succeeded!
(443 also works)
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Product: mozilla.org → Infrastructure & Operations
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in before you can comment on or make changes to this bug.