|
|
楼主 |
发表于 2022-12-6 17:36:32
|
显示全部楼层
添加所有icmp规则出口7 t8 A5 p- X- X* @/ a6 i
6 L" m; w& |* [% Xopenstack security group rule create --protocol icmp --egress 712025d7-6aa6-40e4-9104-4df6706b6697: ]4 [' t; Y" P; f
; J. l( D, l: Y: t B
Copy/ i8 @0 P7 C1 s9 _0 k- w
[root@controller ~]# openstack security group rule create --protocol icmp --egress 712025d7-6aa6-40e4-9104-4df6706b66977 _7 U) c" Y Z+ o
+-------------------+--------------------------------------+0 H# o/ g3 x$ F4 \/ t- o7 C
| Field | Value |
" q4 |/ G& [/ Z" b2 [( H4 N. c+-------------------+--------------------------------------+% M9 d- F" [$ u- f' Y( z
| created_at | 2022-04-30T21:27:42Z |% ?2 r, x: }0 X6 _
| description | |& Z. @2 ~! h/ |2 a! y: N
| direction | egress |
( ^7 X' w( @2 L+ z% {* G% a| ether_type | IPv4 |
; O! W1 k; Z, [) h| id | ede63376-0eeb-4a6b-9dd9-f3a63418c85b |
) `% j; m4 t. s4 x| name | None |
2 C M; G* I. w8 \| port_range_max | None |$ B6 Y* K% [! K* U3 b4 p7 v3 |* k
| port_range_min | None |- h! x/ J( O1 N. O+ M- _. f
| project_id | 0635fff1ca6c42ab983e8a05d533eda3 |, X' S8 ?* t% L6 B2 q
| protocol | icmp |
' H7 ] U( `: a| remote_group_id | None |) t1 B; l+ C0 c
| remote_ip_prefix | 0.0.0.0/0 |
5 R/ C1 C2 f6 M& S" m: N0 U0 }3 Y| revision_number | 0 |) P" i6 D; u( g; `9 J
| security_group_id | 712025d7-6aa6-40e4-9104-4df6706b6697 |6 a* R; Q$ ^! ?0 z7 }# v
| updated_at | 2022-04-30T21:27:42Z |9 I x ?% M) D5 ?0 p# d# x
+-------------------+--------------------------------------+2 A( @: N$ V2 J# `3 s3 E, }' U: a
添加所有udp规则入口
. S. e* F1 k2 W! p( y( [% K$ Y
1 P( V" J% N/ }7 [- f2 z4 J& F0 Xopenstack security group rule create --protocol udp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697* K+ B3 K9 m5 D# M3 \+ A
0 U+ N( c* y, Y! Y& R5 k
添加所有udp规则出口
* V) a9 s2 d3 L* o S3 ~
9 w& `# w! i0 x+ c) ~6 _8 U; Q1 n& |# {openstack security group rule create --protocol udp --egress 712025d7-6aa6-40e4-9104-4df6706b6697
/ ?: _9 a+ Q* q# q% V) `: P
* P# w: e5 F/ ]; e9 ?添加所有tcp规则入口
g+ g- z+ L' s a( i6 J& C8 E1 v! Y2 q) I. x5 X5 x) y
openstack security group rule create --protocol tcp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697- [ A5 p! A2 Q% z
$ ~& t. X& U! c( M h: c添加所有tcp规则出口
! ~) W {: t0 n# V0 L2 m' X* v1 P/ { z& @* i J
openstack security group rule create --protocol tcp --egress 712025d7-6aa6-40e4-9104-4df6706b6697( h& {; U1 y: L9 [$ Q, q
+ x% x1 ~, f A# g0 x
查看安全组规则
. e u/ `& L, X0 |1 w9 a" |0 E. H3 m3 m
openstack security group rule list 712025d7-6aa6-40e4-9104-4df6706b66972 H) ]! Z8 K- K4 C
: q0 Q1 ?/ m% {& U; {) y
Copy
* E3 t- _- K. f; p" e[root@controller ~]# openstack security group rule list 712025d7-6aa6-40e4-9104-4df6706b6697
, [1 d" _7 L" S& r+--------------------------------------+-------------+-----------+------------+-----------------------+
2 a f/ ?2 v, V7 Y/ U' ?3 f| ID | IP Protocol | IP Range | Port Range | Remote Security Group |
^( t& x% S) a" O) Q! \+ N+--------------------------------------+-------------+-----------+------------+-----------------------+
8 |$ `0 ]4 |: R" U5 s, g| 869e67e5-5571-4c03-a21c-715e3dd51a5c | icmp | 0.0.0.0/0 | | None |
$ e+ W) ~; k* O| 8a91bc8e-c9cd-4bf1-86ae-0c6d9eef67e7 | udp | 0.0.0.0/0 | | None |( ~" e# h8 b3 M" {: J
| b525b93f-ffb6-4b84-be99-fdfd6f0fad75 | tcp | 0.0.0.0/0 | | None |0 N" v5 Q4 }3 r; T& W- p2 X v
| dfea0691-0903-4cdf-b775-297eb6858f0d | udp | 0.0.0.0/0 | | None |$ d- E( V0 ?4 h" I
| ede63376-0eeb-4a6b-9dd9-f3a63418c85b | icmp | 0.0.0.0/0 | | None | h$ l% X6 A( a$ f* M
| f9371589-1b17-4e5b-9f8d-798055cdc662 | tcp | 0.0.0.0/0 | | None |" r1 b, `) N7 r# V' N- g* t
+--------------------------------------+-------------+-----------+------------+-----------------------+ |
|
发表于 2022-12-6 17:35:26