|
|
楼主 |
发表于 2022-12-6 17:36:32
|
显示全部楼层
添加所有icmp规则出口
# {, o! d3 p4 n- |/ C7 ]
$ x8 x* C8 y" A- n/ s( j+ _openstack security group rule create --protocol icmp --egress 712025d7-6aa6-40e4-9104-4df6706b6697
; M i) O. }9 W( m& G$ |+ l. r
3 q- o; [! t+ D7 c# Y* Q" TCopy7 `% k" P1 x, j" `! i |% F
[root@controller ~]# openstack security group rule create --protocol icmp --egress 712025d7-6aa6-40e4-9104-4df6706b6697
5 {: V! d c% h$ Z+-------------------+--------------------------------------+
6 @% @# M4 ~4 Y/ U+ s* K- b. z| Field | Value |
" ~! p- }4 c2 u% A( E+-------------------+--------------------------------------++ P$ `2 U% @7 [) p+ J! c- n
| created_at | 2022-04-30T21:27:42Z |
, D9 O. v2 I8 B, ]) U| description | |6 x% F" q& S0 f5 Z/ {; L
| direction | egress |: Z! ^* W M9 p
| ether_type | IPv4 |
' f% G/ P5 H$ r, y| id | ede63376-0eeb-4a6b-9dd9-f3a63418c85b |
; o7 [1 m/ w# }2 ~| name | None |
; g0 f: s" F' K8 X5 z| port_range_max | None |. e, V& I6 u, M
| port_range_min | None |
0 P# O! x) y$ |/ g) _1 x| project_id | 0635fff1ca6c42ab983e8a05d533eda3 |5 J5 r0 g: D3 P6 c- D
| protocol | icmp |
% W! [1 m4 I; I| remote_group_id | None |
+ @! j+ p4 Z5 x; C( p| remote_ip_prefix | 0.0.0.0/0 |
J' m) x5 d+ _1 }7 b| revision_number | 0 |# ], K N8 Z/ q: Q7 i# a' H4 k# k# Y
| security_group_id | 712025d7-6aa6-40e4-9104-4df6706b6697 |
' c1 A# C8 q; ?# R2 ^| updated_at | 2022-04-30T21:27:42Z |
t$ j& J+ j' x: ]) }+-------------------+--------------------------------------+! O# [% a2 |, _: ?+ `! ?) o, A; n% i5 E
添加所有udp规则入口% i( t; k, y2 Q; r% J
9 Z* h% o3 t! G2 H' P% |* u/ C- l8 Vopenstack security group rule create --protocol udp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697" N9 V- W k! S2 i; ?' z2 [
* _9 E4 }) Z r2 h添加所有udp规则出口
6 }; n2 i/ i" }6 p/ X9 H5 s
7 J- A" @! R) j/ d( p5 y* G. yopenstack security group rule create --protocol udp --egress 712025d7-6aa6-40e4-9104-4df6706b6697
4 C6 @* `, b0 v+ @, N4 G( \( |% I$ R
添加所有tcp规则入口3 @- {0 g' _% v) l6 s6 O6 n( ^2 m% K
! u) u- c$ }! w, f+ Mopenstack security group rule create --protocol tcp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697
9 y4 s- i# P9 s8 X5 s
' o8 a I7 t: |4 D添加所有tcp规则出口1 P( ]" _3 r5 w- G
. h0 r. U) `, m) i# Wopenstack security group rule create --protocol tcp --egress 712025d7-6aa6-40e4-9104-4df6706b6697
. X# y$ c3 y# Q3 i H) K' @! P) Z( a$ w
查看安全组规则
% w+ k b, w/ e5 w
1 @ f7 p) J6 K8 e! G" |: e) v9 Copenstack security group rule list 712025d7-6aa6-40e4-9104-4df6706b6697
& N2 ~$ d! {! Z4 @6 ?. |" W% w3 U6 d( @' w- f! ^: X7 p
Copy
" U! j# R9 c1 t7 z( l. h# ~[root@controller ~]# openstack security group rule list 712025d7-6aa6-40e4-9104-4df6706b6697
+ `3 P/ R) e0 ?7 p! Q+--------------------------------------+-------------+-----------+------------+-----------------------+0 q6 Q; s2 E2 `7 L% q9 [
| ID | IP Protocol | IP Range | Port Range | Remote Security Group |
& A" N& w3 T7 F7 I/ x+--------------------------------------+-------------+-----------+------------+-----------------------+
" [5 w C9 i% l| 869e67e5-5571-4c03-a21c-715e3dd51a5c | icmp | 0.0.0.0/0 | | None |
) S& {7 S- w1 G2 c" k& f/ f| 8a91bc8e-c9cd-4bf1-86ae-0c6d9eef67e7 | udp | 0.0.0.0/0 | | None |
% {6 l0 e+ M! _ R: `0 ~/ o| b525b93f-ffb6-4b84-be99-fdfd6f0fad75 | tcp | 0.0.0.0/0 | | None |2 _% c F# V$ Q; |3 w1 `3 d; |
| dfea0691-0903-4cdf-b775-297eb6858f0d | udp | 0.0.0.0/0 | | None |
) r a5 ?; r$ t! F+ u! D| ede63376-0eeb-4a6b-9dd9-f3a63418c85b | icmp | 0.0.0.0/0 | | None |8 |8 ?; L+ p4 z3 A1 N' ^/ Q) k& |- g
| f9371589-1b17-4e5b-9f8d-798055cdc662 | tcp | 0.0.0.0/0 | | None |
& K6 L" c9 O2 C7 `7 ?+--------------------------------------+-------------+-----------+------------+-----------------------+ |
|
发表于 2022-12-6 17:35:26