1)
$ neutron security-group-rule-list
+--------------------------------------+----------------+-----------+-----------+---------------+------------------+
| id | security_group | direction | ethertype | protocol/port | remote |
+--------------------------------------+----------------+-----------+-----------+---------------+------------------+
| 16c7a0ac-535d-46e3-b8d6-3523c019c75a | default | ingress | IPv4 | any | default (group) |
| ff4ecda8-9922-41f7-ac17-d698f57947ce | default | egress | IPv4 | any | 0.0.0.0/0 (CIDR) |
+--------------------------------------+----------------+-----------+-----------+---------------+------------------+
2)
#neutron security-group-rule-create --direction ingress --protocol icmp default
Created a new security_group_rule:
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| direction | ingress |
| ethertype | IPv4 |
| id | 7eb73c63-9a43-4e32-8293-d6f9c307688e |
| port_range_max | 65535 |
| port_range_min | 0 |
| protocol | icmp |
| remote_group_id | |
| remote_ip_prefix | |
| security_group_id | 6ebb5c26-9448-4479-96de-1bc40a41a806 |
| tenant_id | c216189f65a64175b12bd99b22a60336 |
+-------------------+--------------------------------------+
3)
$ neutron security-group-rule-list
+--------------------------------------+----------------+-----------+-----------+---------------------------+------------------+
| id | security_group | direction | ethertype | protocol/port | remote |
+--------------------------------------+----------------+-----------+-----------+---------------------------+------------------+
| 16c7a0ac-535d-46e3-b8d6-3523c019c75a | default | ingress | IPv4 | any | default (group) |
| ff4ecda8-9922-41f7-ac17-d698f57947ce | default | egress | IPv4 | any | 0.0.0.0/0 (CIDR) |
| 7eb73c63-9a43-4e32-8293-d6f9c307688e | default | ingress | IPv4 | icmp (type:0, code:65535) | any |
+--------------------------------------+----------------+-----------+-----------+---------------------------+------------------+
4)
Add SSH rule
#neutron security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 mysecgrp1
Created a new security_group_rule:
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| direction | ingress |
| ethertype | IPv4 |
| id | ade31f1b-62f4-408d-8be1-cda6c1e97773 |
| port_range_max | 22 |
| port_range_min | 22 |
| protocol | tcp |
| remote_group_id | |
| remote_ip_prefix | |
| security_group_id | db9123f9-5491-47db-a996-3fd5818f880d |
| tenant_id | c216189f65a64175b12bd99b22a60336 |
+-------------------+--------------------------------------+
$ neutron security-group-rule-list
+--------------------------------------+----------------+-----------+-----------+---------------+------------------+
| id | security_group | direction | ethertype | protocol/port | remote |
+--------------------------------------+----------------+-----------+-----------+---------------+------------------+
| 16c7a0ac-535d-46e3-b8d6-3523c019c75a | default | ingress | IPv4 | any | default (group) |
| ff4ecda8-9922-41f7-ac17-d698f57947ce | default | egress | IPv4 | any | 0.0.0.0/0 (CIDR) |
+--------------------------------------+----------------+-----------+-----------+---------------+------------------+
2)
#neutron security-group-rule-create --direction ingress --protocol icmp default
Created a new security_group_rule:
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| direction | ingress |
| ethertype | IPv4 |
| id | 7eb73c63-9a43-4e32-8293-d6f9c307688e |
| port_range_max | 65535 |
| port_range_min | 0 |
| protocol | icmp |
| remote_group_id | |
| remote_ip_prefix | |
| security_group_id | 6ebb5c26-9448-4479-96de-1bc40a41a806 |
| tenant_id | c216189f65a64175b12bd99b22a60336 |
+-------------------+--------------------------------------+
3)
$ neutron security-group-rule-list
+--------------------------------------+----------------+-----------+-----------+---------------------------+------------------+
| id | security_group | direction | ethertype | protocol/port | remote |
+--------------------------------------+----------------+-----------+-----------+---------------------------+------------------+
| 16c7a0ac-535d-46e3-b8d6-3523c019c75a | default | ingress | IPv4 | any | default (group) |
| ff4ecda8-9922-41f7-ac17-d698f57947ce | default | egress | IPv4 | any | 0.0.0.0/0 (CIDR) |
| 7eb73c63-9a43-4e32-8293-d6f9c307688e | default | ingress | IPv4 | icmp (type:0, code:65535) | any |
+--------------------------------------+----------------+-----------+-----------+---------------------------+------------------+
4)
Add SSH rule
#neutron security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 mysecgrp1
Created a new security_group_rule:
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| direction | ingress |
| ethertype | IPv4 |
| id | ade31f1b-62f4-408d-8be1-cda6c1e97773 |
| port_range_max | 22 |
| port_range_min | 22 |
| protocol | tcp |
| remote_group_id | |
| remote_ip_prefix | |
| security_group_id | db9123f9-5491-47db-a996-3fd5818f880d |
| tenant_id | c216189f65a64175b12bd99b22a60336 |
+-------------------+--------------------------------------+