cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrija Panic <andrija.pa...@gmail.com>
Subject Re: Block traffic to specific outbound CIDR
Date Fri, 08 Nov 2019 08:48:51 GMT
since you can't add Deny rules with SGs, I find it hard to do what
you want...

On Thu, 7 Nov 2019, 22:27 Fariborz Navidan, <mdvlinquest@gmail.com> wrote:

> Any idea?
>
> On Thu, Nov 7, 2019 at 10:22 PM Fariborz Navidan <mdvlinquest@gmail.com>
> wrote:
>
> > In this way it works just vice versa. I add an egress rule with a
> specific
> > CIDR and it only allows outbound traffic to that network. I want to do
> the
> > reverse. Allow all outbound traffic but not this CIDR.
> >
> > On Thu, Nov 7, 2019 at 9:41 PM Andrija Panic <andrija.panic@gmail.com>
> > wrote:
> >
> >>
> >>
> http://docs.cloudstack.apache.org/en/latest/adminguide/networking/security_groups.html#enabling-security-groups
> >>
> >>
> >> It says' it all. Once you add a first EGRESS rule to the existing SG,
> the
> >> only that rules applies (it stopss to allow all EGRESS traffix, that it
> >> does when there are no explicit EGRESS rules).
> >>
> >>
> >> On Thu, 7 Nov 2019 at 16:46, Fariborz Navidan <mdvlinquest@gmail.com>
> >> wrote:
> >>
> >> > Hello,
> >> >
> >> > I have a shared network with default egress policy to be allowed. How
> >> can I
> >> > block traffic to specific outbound CIDR originating from this VM?
> >> >
> >>
> >>
> >> --
> >>
> >> Andrija Panić
> >>
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message