Assign the cloud firewall to the cloud router port and disconnect from the port
Assign the cloud firewall to the cloud router port and disconnect from the port
Assign a firewall to the router port
You cannot assign more than one firewall to a single router port.
carefully
Inbound and outbound traffic that is not allowed in the cloud firewall rules will be denied on the cloud router port. Active sessions on the router will be interrupted, which cannot be set under the new rules.
- Control panel
- OpenStack CLI
- In Control Panel, go to Cloud Platform → Firewalls.
- Open the firewall page → Ports tab.
- Press Assign to Port.
- Select the private subnet connected to the cloud router for which you want to configure traffic filtering.
- Press Assign to Port.
- Press Assign.
-
Assign a firewall to the router port:
openstack firewall group set --port <router_port> <firewall>
Specify:
<router_port>
— ID or port name of the router to which the firewall will be assigned. The list can be viewed withopenstack port list
. To assign a firewall to more than one router port, list their names or IDs separated by a space;<firewall>
— ID or name of the firewall. The list can be viewed using theopenstack firewall firewall group list
.
Disconnect the firewall from the router port
carefully
Cloud firewall rules will no longer apply — all inbound and outbound traffic that passes through the cloud router port will be allowed.
- Control panel
- OpenStack CLI
- In Control Panel, go to Cloud Platform → Firewalls.
- Open the firewall page → Ports tab.
- In the router's port bar, click .
- Press Disable.
-
Disconnect the firewall from the router port:
openstack firewall group unset --port <router_port> <firewall>
Specify:
<router_port>
— ID or port name of the router from which the firewall will be disconnected. The list can be viewed withopenstack port list
;<firewall>
— ID or name of the firewall. The list can be viewed using theopenstack firewall firewall group list
.