- 积分
- 16840
在线时间 小时
最后登录1970-1-1
|
楼主 |
发表于 2022-12-6 17:36:32
|
显示全部楼层
添加所有icmp规则出口
' }( |. Z; v( J( D I; y
6 y2 ~& l, h( S5 {. @openstack security group rule create --protocol icmp --egress 712025d7-6aa6-40e4-9104-4df6706b6697
6 ^4 n1 U# g) R! _2 k |! c% r. a( W$ y [4 L
Copy' D2 y- t6 S+ r" @1 v
[root@controller ~]# openstack security group rule create --protocol icmp --egress 712025d7-6aa6-40e4-9104-4df6706b6697
" I) N: s ^) V- G! p& R9 z. E. S+-------------------+--------------------------------------+ f, n% ~! E# a, R& s, {% }
| Field | Value |" R( A. R" O3 b: x& ]) Y
+-------------------+--------------------------------------+% j# ^; [+ _3 r
| created_at | 2022-04-30T21:27:42Z |5 }- Z! J& E# J7 U7 j8 M' P8 d$ u
| description | |# j6 {* c1 S; F3 O
| direction | egress |
2 M4 G; W l: T; A8 U| ether_type | IPv4 |% b. u; R6 k9 p4 |9 _
| id | ede63376-0eeb-4a6b-9dd9-f3a63418c85b |% m& N) L# [$ A8 `" a
| name | None |
4 ~$ \: [ A* M Y! R* S' d| port_range_max | None |7 W- C. N+ p0 \0 W
| port_range_min | None |
# _, J/ G+ d2 ^5 E| project_id | 0635fff1ca6c42ab983e8a05d533eda3 |
4 P/ |1 ?: l. j. i0 J| protocol | icmp |! ~$ Q& E, Y5 b
| remote_group_id | None |: g1 b2 D3 C* A
| remote_ip_prefix | 0.0.0.0/0 |
. e# M# A/ _* l r0 B& N( s| revision_number | 0 |
( `5 B! O7 P u! A, ^2 y| security_group_id | 712025d7-6aa6-40e4-9104-4df6706b6697 |
, r: D" r" ?& ^( T| updated_at | 2022-04-30T21:27:42Z |5 d# w1 ~2 G& e6 {
+-------------------+--------------------------------------++ O2 q6 M% P! u- ?1 S, x# n( g2 V
添加所有udp规则入口# m9 z& v/ f Z
- P) e O, n2 s# r( `. l
openstack security group rule create --protocol udp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697
, Y! F. ^) C1 G5 ?0 ]7 e6 e" S4 P" o2 [: m. ^4 m3 s2 m! p
添加所有udp规则出口
- ]8 l) z9 `7 N" M. L
. A% \9 O( m- G2 C/ Mopenstack security group rule create --protocol udp --egress 712025d7-6aa6-40e4-9104-4df6706b6697) n0 c9 H f! c2 N8 x6 l
4 S* I% ?! `( {( i9 s% I( d3 w5 b- z9 ]
添加所有tcp规则入口% B8 l# q& R: I" a0 r3 G
4 t! i: z% U- R/ ?openstack security group rule create --protocol tcp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697
1 \7 ]6 L3 K: V# {& N- }. Q5 G t; u2 K' {: t: v9 B
添加所有tcp规则出口
+ ~0 f v1 n* ]. E
, P4 P/ \4 z/ r$ y Mopenstack security group rule create --protocol tcp --egress 712025d7-6aa6-40e4-9104-4df6706b66979 f+ V. {$ |9 [2 R
5 h0 c, |* J+ V+ l
查看安全组规则4 Z# P3 e: {7 J/ v3 R$ I5 J B
' v# w! A9 s$ W6 \
openstack security group rule list 712025d7-6aa6-40e4-9104-4df6706b6697
`4 p" h$ i9 k" r0 P! \
- k: i3 j9 h, c4 ~7 QCopy2 u4 J$ P2 C1 S
[root@controller ~]# openstack security group rule list 712025d7-6aa6-40e4-9104-4df6706b6697
) k# V: Q4 R" z! w+--------------------------------------+-------------+-----------+------------+-----------------------+" q# C" o, m) l+ N. }% A
| ID | IP Protocol | IP Range | Port Range | Remote Security Group |7 ^2 t8 A3 |& ]& z: g9 T; B
+--------------------------------------+-------------+-----------+------------+-----------------------+) |4 b! q7 p% n' \. v( t W3 p
| 869e67e5-5571-4c03-a21c-715e3dd51a5c | icmp | 0.0.0.0/0 | | None |
# t# A+ V/ `& F" @; C5 u| 8a91bc8e-c9cd-4bf1-86ae-0c6d9eef67e7 | udp | 0.0.0.0/0 | | None |
: Q1 Z. E% {1 _1 f) {) k7 ~| b525b93f-ffb6-4b84-be99-fdfd6f0fad75 | tcp | 0.0.0.0/0 | | None |
1 W$ r0 l. b2 r. {) |2 W( K| dfea0691-0903-4cdf-b775-297eb6858f0d | udp | 0.0.0.0/0 | | None |! O/ e( U7 _' \8 T- k
| ede63376-0eeb-4a6b-9dd9-f3a63418c85b | icmp | 0.0.0.0/0 | | None |
( D. ~- ~+ {! ?' C| f9371589-1b17-4e5b-9f8d-798055cdc662 | tcp | 0.0.0.0/0 | | None |
3 `/ F) D. J: k# j2 `. l5 ]' q$ A+--------------------------------------+-------------+-----------+------------+-----------------------+ |
|
/4 
窥视卡
雷达卡
发表于 2022-12-6 17:35:26
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜
