|
|
楼主 |
发表于 2022-12-6 17:36:32
|
显示全部楼层
添加所有icmp规则出口
: N6 q# i, K# ^" |* ]& P" l
; l [ y. z! B1 A0 h% _; Topenstack security group rule create --protocol icmp --egress 712025d7-6aa6-40e4-9104-4df6706b66977 U. N$ }! I' g a( q5 k
& G( d1 {& R; N6 x0 KCopy
( X% H% r2 L1 z* f) M[root@controller ~]# openstack security group rule create --protocol icmp --egress 712025d7-6aa6-40e4-9104-4df6706b6697; k8 G7 r, f# E7 f" b
+-------------------+--------------------------------------+% K1 O6 b H8 B/ P8 g. U7 Y; Y
| Field | Value |
$ N8 R7 N, n) x: A$ ]$ w6 ^+-------------------+--------------------------------------+3 z" B# @% b6 q, v$ s1 }/ S5 W
| created_at | 2022-04-30T21:27:42Z |
4 n/ t: \9 d3 n# e! c| description | |* D2 k, y# H3 X* x
| direction | egress |
+ T4 I1 a8 a- ]| ether_type | IPv4 |
3 p1 Y: G! a2 |8 r| id | ede63376-0eeb-4a6b-9dd9-f3a63418c85b |
3 X+ R- k- F& c! s! ^( w| name | None | F# W$ U) X. c0 [9 |$ \% u: `
| port_range_max | None |
]% A( q: O# s* P| port_range_min | None |- t6 R8 H8 Z/ n x& r, A
| project_id | 0635fff1ca6c42ab983e8a05d533eda3 |6 w+ ` ^' \- j9 L* r* ^
| protocol | icmp |: F+ w) [+ l, c! _
| remote_group_id | None |6 z1 q" }3 T, u! R9 ]
| remote_ip_prefix | 0.0.0.0/0 |+ ]2 b3 F c* x' [
| revision_number | 0 |
8 k& B* Q% N; B7 O! t) G* s4 ^| security_group_id | 712025d7-6aa6-40e4-9104-4df6706b6697 |
4 {9 G$ n% `% M$ l( g4 p6 g$ P! e| updated_at | 2022-04-30T21:27:42Z |
& N# d" b& |, ? D* @+-------------------+--------------------------------------+
3 y' K9 n3 k8 r) u添加所有udp规则入口
+ n& s' w9 O; y/ K- Y; D
' M# A e% A4 F0 i: [6 e, popenstack security group rule create --protocol udp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697
& V. p2 V2 h. q: g. W; i" x7 H/ n, J4 m& u6 ^+ M3 ^
添加所有udp规则出口5 v! n) f F3 j# e" b0 f- X7 H# L
& a8 Q. Q# O- U) Bopenstack security group rule create --protocol udp --egress 712025d7-6aa6-40e4-9104-4df6706b66972 S' V8 ]' o6 m9 {
, }! k1 R) P: @6 G- O
添加所有tcp规则入口
# s; X; \, ^ S; R9 k- A, }) s7 _3 b% h6 |9 T; D" x) x% A
openstack security group rule create --protocol tcp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697
) ~# H3 o0 }4 {/ D1 Z
) u# y6 z1 Z* C# ~添加所有tcp规则出口
! ~0 p' |2 V6 Q {7 ]
' j# ?7 |4 M! j. Mopenstack security group rule create --protocol tcp --egress 712025d7-6aa6-40e4-9104-4df6706b6697/ c1 B8 Y/ D, ]% _
. j! Q# w2 _/ ^
查看安全组规则# K6 P; W3 O- _( m; ]3 @/ r
3 n( s; r3 y- L7 U% i, topenstack security group rule list 712025d7-6aa6-40e4-9104-4df6706b6697' ]7 _$ r- M$ o% j
) j7 r, B. B# o# ~' X/ Q8 `
Copy# M/ v) G I" Q' t% E" a, s. [1 E
[root@controller ~]# openstack security group rule list 712025d7-6aa6-40e4-9104-4df6706b6697
9 U: _3 P B# w$ I- d4 J+--------------------------------------+-------------+-----------+------------+-----------------------+" ^- _' E+ u) @
| ID | IP Protocol | IP Range | Port Range | Remote Security Group |% T" @( o" e5 ^- T: _: _
+--------------------------------------+-------------+-----------+------------+-----------------------+% D7 i( C, d/ i8 P/ {8 M0 v
| 869e67e5-5571-4c03-a21c-715e3dd51a5c | icmp | 0.0.0.0/0 | | None |" w- Q+ P7 f; B9 `9 ?
| 8a91bc8e-c9cd-4bf1-86ae-0c6d9eef67e7 | udp | 0.0.0.0/0 | | None |) r) e' `7 v7 k. I& W
| b525b93f-ffb6-4b84-be99-fdfd6f0fad75 | tcp | 0.0.0.0/0 | | None |
: V) [/ Z) f, u4 L3 e- Y| dfea0691-0903-4cdf-b775-297eb6858f0d | udp | 0.0.0.0/0 | | None |
4 V* ^9 Q0 n# r9 K| ede63376-0eeb-4a6b-9dd9-f3a63418c85b | icmp | 0.0.0.0/0 | | None |+ g; ]! M% u7 J! ^
| f9371589-1b17-4e5b-9f8d-798055cdc662 | tcp | 0.0.0.0/0 | | None |
/ q9 L9 _9 w7 s( @+--------------------------------------+-------------+-----------+------------+-----------------------+ |
|
发表于 2022-12-6 17:35:26