OpenStack之安全组添加规则

一、创建一个用于测试的安全组

openstack security group create SECURITY_GROUP_NAME --description GROUP_DESCRIPTION
[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group create 测试安全组 --description '这是一个用于测试的安全组'
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field           | Value                                                                                                                                                            |
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at      | 2020-07-30T15:35:12Z                                                                                                                                             |
| description     | 这是一个用于测试的安全组                                                                                                                                         |
| id              | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                             |
| location        | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone= |
| name            | 测试安全组                                                                                                                                                       |
| project_id      | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                 |
| revision_number | 1                                                                                                                                                                |
| rules           | created_at='2020-07-30T15:35:12Z', direction='egress', ethertype='IPv6', id='2b0a0c2b-a08e-492e-8429-ba8ff1522862', updated_at='2020-07-30T15:35:12Z'            |
|                 | created_at='2020-07-30T15:35:12Z', direction='egress', ethertype='IPv4', id='a7a9f21e-5d7f-4ed6-8455-9bf249d838de', updated_at='2020-07-30T15:35:12Z'            |
| tags            | []                                                                                                                                                               |
| updated_at      | 2020-07-30T15:35:12Z                                                                                                                                             |
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$

OpenStack之安全组添加规则

二、给安全组添加规则
1、删除默认规则

[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group rule delete 2b0a0c2b-a08e-492e-8429-ba8ff1522862
[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group rule delete a7a9f21e-5d7f-4ed6-8455-9bf249d838de
[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group show 86e3bce1-3608-4d79-aa8d-0f47c205e227
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field           | Value                                                                                                                                                            |
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at      | 2020-07-30T15:35:12Z                                                                                                                                             |
| description     | 这是一个用于测试的安全组                                                                                                                                         |
| id              | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                             |
| location        | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone= |
| name            | 测试安全组                                                                                                                                                       |
| project_id      | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                 |
| revision_number | 3                                                                                                                                                                |
| rules           |                                                                                                                                                                  |
| tags            | []                                                                                                                                                               |
| updated_at      | 2020-07-30T15:39:15Z                                                                                                                                             |
+-----------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$ 

OpenStack之安全组添加规则

2、给安全组添加放行全通行规则

[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group rule create --egress --ethertype IPv4 --description "放行IPV4所有流量出去" 86e3bce1-3608-4d79-aa8d-0f47c205e227       
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field             | Value                                                                                                                                                            |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at        | 2020-07-30T15:48:28Z                                                                                                                                             |
| description       | 放行IPV4所有流量出去                                                                                                                                             |
| direction         | egress                                                                                                                                                           |
| ether_type        | IPv4                                                                                                                                                             |
| id                | d8967eea-4cad-4466-9f0e-c7ba501a12d4                                                                                                                             |
| location          | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone= |
| name              | None                                                                                                                                                             |
| port_range_max    | None                                                                                                                                                             |
| port_range_min    | None                                                                                                                                                             |
| project_id        | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                 |
| protocol          | None                                                                                                                                                             |
| remote_group_id   | None                                                                                                                                                             |
| remote_ip_prefix  | 0.0.0.0/0                                                                                                                                                        |
| revision_number   | 0                                                                                                                                                                |
| security_group_id | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                             |
| tags              | []                                                                                                                                                               |
| updated_at        | 2020-07-30T15:48:28Z                                                                                                                                             |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group rule create --egress --ethertype IPv6 --description "放行IPV6所有流量出去" 86e3bce1-3608-4d79-aa8d-0f47c205e227
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field             | Value                                                                                                                                                            |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at        | 2020-07-30T15:48:37Z                                                                                                                                             |
| description       | 放行IPV6所有流量出去                                                                                                                                             |
| direction         | egress                                                                                                                                                           |
| ether_type        | IPv6                                                                                                                                                             |
| id                | e3fc1615-b3dc-4a84-aab7-30c461e5fb76                                                                                                                             |
| location          | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone= |
| name              | None                                                                                                                                                             |
| port_range_max    | None                                                                                                                                                             |
| port_range_min    | None                                                                                                                                                             |
| project_id        | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                 |
| protocol          | None                                                                                                                                                             |
| remote_group_id   | None                                                                                                                                                             |
| remote_ip_prefix  | ::/0                                                                                                                                                             |
| revision_number   | 0                                                                                                                                                                |
| security_group_id | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                             |
| tags              | []                                                                                                                                                               |
| updated_at        | 2020-07-30T15:48:37Z                                                                                                                                             |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$ 
[lookback@LookdeMacBook-Pro ~/OpenStack]$ 
[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group show 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                      
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field           | Value                                                                                                                                                                                                                   |
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at      | 2020-07-30T15:35:12Z                                                                                                                                                                                                    |
| description     | 这是一个用于测试的安全组                                                                                                                                                                                                |
| id              | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                                                                                    |
| location        | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone=                                                        |
| name            | 测试安全组                                                                                                                                                                                                              |
| project_id      | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                                                                        |
| revision_number | 7                                                                                                                                                                                                                       |
| rules           | created_at='2020-07-30T15:48:28Z', description='放行IPV4所有流量出去', direction='egress', ethertype='IPv4', id='d8967eea-4cad-4466-9f0e-c7ba501a12d4', remote_ip_prefix='0.0.0.0/0', updated_at='2020-07-30T15:48:28Z' |
|                 | created_at='2020-07-30T15:48:37Z', description='放行IPV6所有流量出去', direction='egress', ethertype='IPv6', id='e3fc1615-b3dc-4a84-aab7-30c461e5fb76', remote_ip_prefix='::/0', updated_at='2020-07-30T15:48:37Z'      |
| tags            | []                                                                                                                                                                                                                      |
| updated_at      | 2020-07-30T15:48:37Z                                                                                                                                                                                                    |
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$ 

OpenStack之安全组添加规则

3、添加ICMP规则

[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group rule create --ingress --protocol icmp --description "允许PING" 86e3bce1-3608-4d79-aa8d-0f47c205e227
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field             | Value                                                                                                                                                            |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at        | 2020-07-30T15:51:57Z                                                                                                                                             |
| description       | 允许PING                                                                                                                                                         |
| direction         | ingress                                                                                                                                                          |
| ether_type        | IPv4                                                                                                                                                             |
| id                | 50fc9d9d-6dce-45bc-b7dc-3718611906b8                                                                                                                             |
| location          | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone= |
| name              | None                                                                                                                                                             |
| port_range_max    | None                                                                                                                                                             |
| port_range_min    | None                                                                                                                                                             |
| project_id        | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                 |
| protocol          | icmp                                                                                                                                                             |
| remote_group_id   | None                                                                                                                                                             |
| remote_ip_prefix  | 0.0.0.0/0                                                                                                                                                        |
| revision_number   | 0                                                                                                                                                                |
| security_group_id | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                             |
| tags              | []                                                                                                                                                               |
| updated_at        | 2020-07-30T15:51:57Z                                                                                                                                             |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group show 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                          
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field           | Value                                                                                                                                                                                                                         |
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at      | 2020-07-30T15:35:12Z                                                                                                                                                                                                          |
| description     | 这是一个用于测试的安全组                                                                                                                                                                                                      |
| id              | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                                                                                          |
| location        | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone=                                                              |
| name            | 测试安全组                                                                                                                                                                                                                    |
| project_id      | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                                                                              |
| revision_number | 8                                                                                                                                                                                                                             |
| rules           | created_at='2020-07-30T15:51:57Z', description='允许PING', direction='ingress', ethertype='IPv4', id='50fc9d9d-6dce-45bc-b7dc-3718611906b8', protocol='icmp', remote_ip_prefix='0.0.0.0/0', updated_at='2020-07-30T15:51:57Z' |
|                 | created_at='2020-07-30T15:48:28Z', description='放行IPV4所有流量出去', direction='egress', ethertype='IPv4', id='d8967eea-4cad-4466-9f0e-c7ba501a12d4', remote_ip_prefix='0.0.0.0/0', updated_at='2020-07-30T15:48:28Z'       |
|                 | created_at='2020-07-30T15:48:37Z', description='放行IPV6所有流量出去', direction='egress', ethertype='IPv6', id='e3fc1615-b3dc-4a84-aab7-30c461e5fb76', remote_ip_prefix='::/0', updated_at='2020-07-30T15:48:37Z'            |
| tags            | []                                                                                                                                                                                                                            |
| updated_at      | 2020-07-30T15:51:57Z                                                                                                                                                                                                          |
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$

OpenStack之安全组添加规则

4、添加指定IP的放行SSH端口和所有IP的WEB端口

[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group rule create --ingress --ethertype IPv4 --protocol tcp --dst-port 22:22 --remote-ip 172.30.100.100 --description "SSH_PORT_ACCEPT" 86e3bce1-3608-4d79-aa8d-0f47c205e227
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field             | Value                                                                                                                                                            |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at        | 2020-07-30T16:00:17Z                                                                                                                                             |
| description       | SSH_PORT_ACCEPT                                                                                                                                                  |
| direction         | ingress                                                                                                                                                          |
| ether_type        | IPv4                                                                                                                                                             |
| id                | 3326f295-4e00-41ba-a560-e9623534ee75                                                                                                                             |
| location          | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone= |
| name              | None                                                                                                                                                             |
| port_range_max    | 22                                                                                                                                                               |
| port_range_min    | 22                                                                                                                                                               |
| project_id        | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                 |
| protocol          | tcp                                                                                                                                                              |
| remote_group_id   | None                                                                                                                                                             |
| remote_ip_prefix  | 172.30.100.100/32                                                                                                                                                |
| revision_number   | 0                                                                                                                                                                |
| security_group_id | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                             |
| tags              | []                                                                                                                                                               |
| updated_at        | 2020-07-30T16:00:17Z                                                                                                                                             |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group rule create --ingress --ethertype IPv6 --protocol tcp --dst-port 22:22 --remote-ip 2404:eb40::100 --description "SSH_PORT_ACCEPT" 86e3bce1-3608-4d79-aa8d-0f47c205e227
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field             | Value                                                                                                                                                            |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at        | 2020-07-30T16:00:31Z                                                                                                                                             |
| description       | SSH_PORT_ACCEPT                                                                                                                                                  |
| direction         | ingress                                                                                                                                                          |
| ether_type        | IPv6                                                                                                                                                             |
| id                | 1aaa272b-3ee0-4acb-8f66-d40babd6e4c8                                                                                                                             |
| location          | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone= |
| name              | None                                                                                                                                                             |
| port_range_max    | 22                                                                                                                                                               |
| port_range_min    | 22                                                                                                                                                               |
| project_id        | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                 |
| protocol          | tcp                                                                                                                                                              |
| remote_group_id   | None                                                                                                                                                             |
| remote_ip_prefix  | 2404:eb40::100/128                                                                                                                                               |
| revision_number   | 0                                                                                                                                                                |
| security_group_id | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                             |
| tags              | []                                                                                                                                                               |
| updated_at        | 2020-07-30T16:00:31Z                                                                                                                                             |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$
[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group rule create --ingress --ethertype IPv4 --protocol tcp --dst-port 80:80 --description "HTTP_PORT_ACCEPT" 86e3bce1-3608-4d79-aa8d-0f47c205e227
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field             | Value                                                                                                                                                            |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at        | 2020-07-30T16:01:22Z                                                                                                                                             |
| description       | HTTP_PORT_ACCEPT                                                                                                                                                 |
| direction         | ingress                                                                                                                                                          |
| ether_type        | IPv4                                                                                                                                                             |
| id                | 76030ba4-e402-455a-9e19-1e23dba88d01                                                                                                                             |
| location          | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone= |
| name              | None                                                                                                                                                             |
| port_range_max    | 80                                                                                                                                                               |
| port_range_min    | 80                                                                                                                                                               |
| project_id        | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                 |
| protocol          | tcp                                                                                                                                                              |
| remote_group_id   | None                                                                                                                                                             |
| remote_ip_prefix  | 0.0.0.0/0                                                                                                                                                        |
| revision_number   | 0                                                                                                                                                                |
| security_group_id | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                             |
| tags              | []                                                                                                                                                               |
| updated_at        | 2020-07-30T16:01:22Z                                                                                                                                             |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group rule create --ingress --ethertype IPv4 --protocol tcp --dst-port 443:443 --description "HTTP_PORT_ACCEPT" 86e3bce1-3608-4d79-aa8d-0f47c205e227
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field             | Value                                                                                                                                                            |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at        | 2020-07-30T16:01:29Z                                                                                                                                             |
| description       | HTTP_PORT_ACCEPT                                                                                                                                                 |
| direction         | ingress                                                                                                                                                          |
| ether_type        | IPv4                                                                                                                                                             |
| id                | c7510f8a-5fc4-44fe-bd18-025db970c7b0                                                                                                                             |
| location          | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone= |
| name              | None                                                                                                                                                             |
| port_range_max    | 443                                                                                                                                                              |
| port_range_min    | 443                                                                                                                                                              |
| project_id        | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                 |
| protocol          | tcp                                                                                                                                                              |
| remote_group_id   | None                                                                                                                                                             |
| remote_ip_prefix  | 0.0.0.0/0                                                                                                                                                        |
| revision_number   | 0                                                                                                                                                                |
| security_group_id | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                             |
| tags              | []                                                                                                                                                               |
| updated_at        | 2020-07-30T16:01:29Z                                                                                                                                             |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group rule create --ingress --ethertype IPv6 --protocol tcp --dst-port 80:80 --description "HTTP_PORT_ACCEPT" 86e3bce1-3608-4d79-aa8d-0f47c205e227
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field             | Value                                                                                                                                                            |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at        | 2020-07-30T16:01:37Z                                                                                                                                             |
| description       | HTTP_PORT_ACCEPT                                                                                                                                                 |
| direction         | ingress                                                                                                                                                          |
| ether_type        | IPv6                                                                                                                                                             |
| id                | 07bfc115-0751-4cf7-8f54-be4d4a34f64c                                                                                                                             |
| location          | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone= |
| name              | None                                                                                                                                                             |
| port_range_max    | 80                                                                                                                                                               |
| port_range_min    | 80                                                                                                                                                               |
| project_id        | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                 |
| protocol          | tcp                                                                                                                                                              |
| remote_group_id   | None                                                                                                                                                             |
| remote_ip_prefix  | ::/0                                                                                                                                                             |
| revision_number   | 0                                                                                                                                                                |
| security_group_id | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                             |
| tags              | []                                                                                                                                                               |
| updated_at        | 2020-07-30T16:01:37Z                                                                                                                                             |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group rule create --ingress --ethertype IPv6 --protocol tcp --dst-port 443:443 --description "HTTP_PORT_ACCEPT" 86e3bce1-3608-4d79-aa8d-0f47c205e227
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field             | Value                                                                                                                                                            |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at        | 2020-07-30T16:01:45Z                                                                                                                                             |
| description       | HTTP_PORT_ACCEPT                                                                                                                                                 |
| direction         | ingress                                                                                                                                                          |
| ether_type        | IPv6                                                                                                                                                             |
| id                | 597b0409-7512-4aea-ac12-a541fc37b802                                                                                                                             |
| location          | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone= |
| name              | None                                                                                                                                                             |
| port_range_max    | 443                                                                                                                                                              |
| port_range_min    | 443                                                                                                                                                              |
| project_id        | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                 |
| protocol          | tcp                                                                                                                                                              |
| remote_group_id   | None                                                                                                                                                             |
| remote_ip_prefix  | ::/0                                                                                                                                                             |
| revision_number   | 0                                                                                                                                                                |
| security_group_id | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                             |
| tags              | []                                                                                                                                                               |
| updated_at        | 2020-07-30T16:01:45Z                                                                                                                                             |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$ 
[lookback@LookdeMacBook-Pro ~/OpenStack]$ openstack security group show 86e3bce1-3608-4d79-aa8d-0f47c205e227
+-----------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field           | Value                                                                                                                                                                                                                                                                                  |
+-----------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at      | 2020-07-30T15:35:12Z                                                                                                                                                                                                                                                                   |
| description     | 这是一个用于测试的安全组                                                                                                                                                                                                                                                               |
| id              | 86e3bce1-3608-4d79-aa8d-0f47c205e227                                                                                                                                                                                                                                                   |
| location        | cloud='', project.domain_id='default', project.domain_name=, project.id='5df4e0c1c68647ef800e7904d455b58d', project.name='admin', region_name='RegionOne', zone=                                                                                                                       |
| name            | 测试安全组                                                                                                                                                                                                                                                                             |
| project_id      | 5df4e0c1c68647ef800e7904d455b58d                                                                                                                                                                                                                                                       |
| revision_number | 14                                                                                                                                                                                                                                                                                     |
| rules           | created_at='2020-07-30T16:01:37Z', description='HTTP_PORT_ACCEPT', direction='ingress', ethertype='IPv6', id='07bfc115-0751-4cf7-8f54-be4d4a34f64c', port_range_max='80', port_range_min='80', protocol='tcp', remote_ip_prefix='::/0', updated_at='2020-07-30T16:01:37Z'              |
|                 | created_at='2020-07-30T16:00:31Z', description='SSH_PORT_ACCEPT', direction='ingress', ethertype='IPv6', id='1aaa272b-3ee0-4acb-8f66-d40babd6e4c8', port_range_max='22', port_range_min='22', protocol='tcp', remote_ip_prefix='2404:eb40::100/128', updated_at='2020-07-30T16:00:31Z' |
|                 | created_at='2020-07-30T16:00:17Z', description='SSH_PORT_ACCEPT', direction='ingress', ethertype='IPv4', id='3326f295-4e00-41ba-a560-e9623534ee75', port_range_max='22', port_range_min='22', protocol='tcp', remote_ip_prefix='172.30.100.100/32', updated_at='2020-07-30T16:00:17Z'  |
|                 | created_at='2020-07-30T15:51:57Z', description='允许PING', direction='ingress', ethertype='IPv4', id='50fc9d9d-6dce-45bc-b7dc-3718611906b8', protocol='icmp', remote_ip_prefix='0.0.0.0/0', updated_at='2020-07-30T15:51:57Z'                                                          |
|                 | created_at='2020-07-30T16:01:45Z', description='HTTP_PORT_ACCEPT', direction='ingress', ethertype='IPv6', id='597b0409-7512-4aea-ac12-a541fc37b802', port_range_max='443', port_range_min='443', protocol='tcp', remote_ip_prefix='::/0', updated_at='2020-07-30T16:01:45Z'            |
|                 | created_at='2020-07-30T16:01:22Z', description='HTTP_PORT_ACCEPT', direction='ingress', ethertype='IPv4', id='76030ba4-e402-455a-9e19-1e23dba88d01', port_range_max='80', port_range_min='80', protocol='tcp', remote_ip_prefix='0.0.0.0/0', updated_at='2020-07-30T16:01:22Z'         |
|                 | created_at='2020-07-30T16:01:29Z', description='HTTP_PORT_ACCEPT', direction='ingress', ethertype='IPv4', id='c7510f8a-5fc4-44fe-bd18-025db970c7b0', port_range_max='443', port_range_min='443', protocol='tcp', remote_ip_prefix='0.0.0.0/0', updated_at='2020-07-30T16:01:29Z'       |
|                 | created_at='2020-07-30T15:48:28Z', description='放行IPV4所有流量出去', direction='egress', ethertype='IPv4', id='d8967eea-4cad-4466-9f0e-c7ba501a12d4', remote_ip_prefix='0.0.0.0/0', updated_at='2020-07-30T15:48:28Z'                                                                |
|                 | created_at='2020-07-30T15:48:37Z', description='放行IPV6所有流量出去', direction='egress', ethertype='IPv6', id='e3fc1615-b3dc-4a84-aab7-30c461e5fb76', remote_ip_prefix='::/0', updated_at='2020-07-30T15:48:37Z'                                                                     |
| tags            | []                                                                                                                                                                                                                                                                                     |
| updated_at      | 2020-07-30T16:01:45Z                                                                                                                                                                                                                                                                   |
+-----------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[lookback@LookdeMacBook-Pro ~/OpenStack]$ 

OpenStack之安全组添加规则

OpenStack之安全组添加规则

OpenStack之安全组添加规则

OpenStack之安全组添加规则

lookback
  • 本文由 发表于 2020年7月31日00:05:20
  • 除非特殊声明,本站文章均为原创,转载请务必保留本文链接
匿名

发表评论

匿名网友 填写信息

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: