===== COMMAND =====: iptables -t filter -S
===== RETURN CODE =====: 0
===== STDOUT =====:
[10.20.0.4] out: -P INPUT DROP
[10.20.0.4] out: -P FORWARD ACCEPT
[10.20.0.4] out: -P OUTPUT ACCEPT
[10.20.0.4] out: -N nova-api-FORWARD
[10.20.0.4] out: -N nova-api-INPUT
[10.20.0.4] out: -N nova-api-OUTPUT
[10.20.0.4] out: -N nova-api-local
[10.20.0.4] out: -N nova-filter-top
[10.20.0.4] out: -A INPUT -j nova-api-INPUT
[10.20.0.4] out: -A INPUT -p icmp -m comment --comment "000 accept all icmp requests" -j ACCEPT
[10.20.0.4] out: -A INPUT -i lo -m comment --comment "001 accept all to lo interface" -j ACCEPT
[10.20.0.4] out: -A INPUT -m comment --comment "002 accept related established rules" -m state --state RELATED,ESTABLISHED -j ACCEPT
[10.20.0.4] out: -A INPUT -s 10.20.0.2/32 -p tcp -m multiport --sports 4369,5672,41055,55672,61613 -m comment --comment "003 remote rabbitmq " -j ACCEPT
[10.20.0.4] out: -A INPUT -s 10.20.0.2/32 -p tcp -m multiport --sports 8140 -m comment --comment "004 remote puppet " -j ACCEPT
[10.20.0.4] out: -A INPUT -i lo -p tcp -m multiport --sports 15672 -m comment --comment "005 local rabbitmq admin" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --sports 15672 -m comment --comment "006 reject non-local rabbitmq admin" -j DROP
[10.20.0.4] out: -A INPUT -s 10.20.0.2/32 -p tcp -m multiport --dports 8888 -m comment --comment "007 tinyproxy" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --dports 6789 -m comment --comment "010 ceph-mon allow" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 10.20.0.0/24 -p tcp -m multiport --ports 22 -m comment --comment "020 ssh from 10.20.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p tcp -m multiport --ports 22 -m comment --comment "020 ssh from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.1.0/24 -p tcp -m multiport --ports 22 -m comment --comment "020 ssh from 192.168.1.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 240.0.0.2/32 -p tcp -m comment --comment "030 allow connections from haproxy namespace" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --ports 80,443 -m comment --comment "100 http" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p tcp -m multiport --ports 3306,3307,4567,4568,4444,49000 -m comment --comment "101 mysql from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p tcp -m multiport --ports 5000,35357 -m comment --comment "102 keystone from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --ports 8080,6000,6001,6002,49001 -m comment --comment "103 swift" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --ports 9292,9494,9191,8773 -m comment --comment "104 glance" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --ports 8774,8776,6080 -m comment --comment "105 nova" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p tcp -m multiport --ports 8775,5900:6100 -m comment --comment "105 nova internal - no ssl from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p tcp -m multiport --ports 4369,5672,5673,41055 -m comment --comment "106 rabbitmq from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p tcp -m multiport --ports 11211 -m comment --comment "107 memcache tcp from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p udp -m multiport --ports 11211 -m comment --comment "107 memcache udp from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p tcp -m multiport --ports 873 -m comment --comment "108 rsync from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.1.0/24 -p tcp -m multiport --ports 873 -m comment --comment "108 rsync from 192.168.1.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.1.0/24 -p tcp -m multiport --ports 3260 -m comment --comment "109 iscsi from 192.168.1.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p tcp -m multiport --ports 9696 -m comment --comment "110 neutron from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -p udp -m multiport --ports 67 -m comment --comment "111 dhcp-server" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p tcp -m multiport --ports 53 -m comment --comment "111 dns-server tcp from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p udp -m multiport --ports 53 -m comment --comment "111 dns-server udp from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p udp -m multiport --ports 123 -m comment --comment "112 ntp-server from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p udp -m multiport --ports 5404 -m comment --comment "113 corosync-input from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p udp -m multiport --ports 5405 -m comment --comment "114 corosync-output from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p tcp -m multiport --ports 2224 -m comment --comment "115 pcsd-server from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -s 192.168.0.0/24 -p udp -m multiport --ports 58882 -m comment --comment "116 openvswitch db from 192.168.0.0/24" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --ports 8777 -m comment --comment "121 ceilometer" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --ports 8042 -m comment --comment "122 aodh" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --dports 55572 -m comment --comment "203 murano-rabbitmq" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --ports 8004 -m comment --comment "204 heat-api" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --ports 8000 -m comment --comment "205 heat-api-cfn" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --ports 8003 -m comment --comment "206 heat-api-cloudwatch" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --ports 8282,6633,6640,6653,8181,8101 -m comment --comment "215 odl" -j ACCEPT
[10.20.0.4] out: -A INPUT -p tcp -m multiport --dports 179 -m comment --comment "215 quagga" -j ACCEPT
[10.20.0.4] out: -A INPUT -p gre -m comment --comment "334 accept gre" -j ACCEPT
[10.20.0.4] out: -A INPUT -p udp -m multiport --ports 4789 -m comment --comment "340 vxlan_udp_port" -j ACCEPT
[10.20.0.4] out: -A FORWARD -j nova-filter-top
[10.20.0.4] out: -A FORWARD -j nova-api-FORWARD
[10.20.0.4] out: -A OUTPUT -j nova-filter-top
[10.20.0.4] out: -A OUTPUT -j nova-api-OUTPUT
[10.20.0.4] out: -A nova-api-INPUT -d 190.10.2.21/32 -p tcp -m tcp --dport 8775 -j ACCEPT
[10.20.0.4] out: -A nova-filter-top -j nova-api-local
[10.20.0.4] out: 

===== STDERR =====:
