← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #15065

[Bug 1326011] [NEW] Doesn't seem possible to configure direction as part of security rule creation

  Thread PreviousDate PreviousThread Next 
Public bug reported:

Maybe I'm missing something, but when I was trying to set up some
security rules through Horizon, had issues, and tried to switch to CLI,
I couldn't figure out how to make an egress rule through nova secgroup-
add-rule, everything was ingress, with no option to specify egress.

>From the docs:
http://docs.openstack.org/cli-reference/content/novaclient_commands.html

nova secgroup-add-rule command

usage: nova secgroup-add-rule <secgroup> <ip-proto> <from-port> <to-port>
                              <cidr>

Add a rule to a security group.

Positional arguments

<secgroup>
    ID or name of security group. 

<ip-proto>
    IP protocol (icmp, tcp, udp). 

<from-port>
    Port at start of range. 

<to-port>
    Port at end of range. 

<cidr>
    CIDR for address range. 

Shouldn't it be possible to specify an egress rule through the CLI? As
part of the creation in Horizon, you pick EGRESS/INGRESS along with the
other fields that the add-rule command lets you configure.

** Affects: nova
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1326011

Title:
  Doesn't seem possible to configure direction as part of security rule
  creation

Status in OpenStack Compute (Nova):
  New

Bug description:
  Maybe I'm missing something, but when I was trying to set up some
  security rules through Horizon, had issues, and tried to switch to
  CLI, I couldn't figure out how to make an egress rule through nova
  secgroup-add-rule, everything was ingress, with no option to specify
  egress.

  From the docs:
  http://docs.openstack.org/cli-reference/content/novaclient_commands.html

  nova secgroup-add-rule command

  usage: nova secgroup-add-rule <secgroup> <ip-proto> <from-port> <to-port>
                                <cidr>

  Add a rule to a security group.

  Positional arguments

  <secgroup>
      ID or name of security group. 

  <ip-proto>
      IP protocol (icmp, tcp, udp). 

  <from-port>
      Port at start of range. 

  <to-port>
      Port at end of range. 

  <cidr>
      CIDR for address range. 

  Shouldn't it be possible to specify an egress rule through the CLI? As
  part of the creation in Horizon, you pick EGRESS/INGRESS along with
  the other fields that the add-rule command lets you configure.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1326011/+subscriptions

Follow ups

References

  Thread PreviousDate PreviousThread Next