9599ffe65d
Move existing content around based on the doc-migration specification. Replace :doc: markup with :ref: to have sphinx keep track of where the files move and generate valid hyperlinks. Add a few toctrees and index pages for the new directories. Depends-On: Ia750cb049c0f53a234ea70ce1f2bbbb7a2aa9454 Change-Id: I253ee8f89d3ec40e39310c18bb87ed1d3d5de330 Signed-off-by: Doug Hellmann <doug@doughellmann.com>
4.2 KiB
security group rule
A security group rule specifies the network access rules for servers and other resources on the network.
Compute v2, Network v2
security group rule create
Create a new security group rule
security group rule create
openstack security group rule create
[--remote-ip <ip-address> | --remote-group <group>]
[--dst-port <port-range> | [--icmp-type <icmp-type> [--icmp-code <icmp-code>]]]
[--protocol <protocol>]
[--ingress | --egress]
[--ethertype <ethertype>]
[--project <project> [--project-domain <project-domain>]]
[--description <description>]
<group>--remote-ip <ip-address>
Remote IP address block (may use CIDR notation; default for IPv4 rule: 0.0.0.0/0)
--remote-group <group>
Remote security group (name or ID)
--dst-port <port-range>
Destination port, may be a single port or a starting and ending port range: 137:139. Required for IP protocols TCP and UDP. Ignored for ICMP IP protocols.
--icmp-type <icmp-type>
ICMP type for ICMP IP protocols
Network version 2 only
--icmp-code <icmp-code>
ICMP code for ICMP IP protocols
Network version 2 only
--protocol <protocol>
IP protocol (icmp, tcp, udp; default: tcp)
Compute version 2
IP protocol (ah, dccp, egp, esp, gre, icmp, igmp, ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt, ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp, udp, udplite, vrrp and integer representations [0-255]; default: tcp)
Network version 2
--ingress
Rule applies to incoming network traffic (default)
Network version 2 only
--egress
Rule applies to outgoing network traffic
Network version 2 only
--ethertype <ethertype>
Ethertype of network traffic (IPv4, IPv6; default: based on IP protocol)
Network version 2 only
--project <project>
Owner's project (name or ID)
Network version 2 only
--project-domain <project-domain>
Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.
Network version 2 only
--description <description>
Set security group rule description
Network version 2 only
<group>
Create rule in this security group (name or ID)
security group rule delete
Delete security group rule(s)
security group rule delete
openstack security group rule delete
<rule> [<rule> ...]<rule>
Security group rule(s) to delete (ID only)
security group rule list
List security group rules
security group rule list
openstack security group rule list
[--all-projects]
[--protocol <protocol>]
[--ingress | --egress]
[--long]
[<group>]--all-projects
Display information from all projects (admin only)
Network version 2 ignores this option and will always display information for all projects (admin only).
--long
List additional fields in output
Compute version 2 does not have additional fields to display.
--protocol
List rules by the IP protocol (ah, dhcp, egp, esp, gre, icmp, igmp, ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt,ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp, udp, udplite, vrrp and integer representations [0-255])
Network version 2
--ingress
List rules applied to incoming network traffic
Network version 2 only
--egress
List rules applied to outgoing network traffic
Network version 2 only
<group>
List all rules in this security group (name or ID)
security group rule show
Display security group rule details
security group rule show
openstack security group rule show
<rule><rule>
Security group rule to display (ID only)