-
Notifications
You must be signed in to change notification settings - Fork 75
add firewall
stack add firewall {action=string} {chain=string} {protocol=string} {service=string} [comment=string] [flags=string] [network=string] [output-network=string] [rulename=string] [table=string]
Add a global firewall rule for the all hosts in the cluster.
-
[action=string] -
[chain=string] -
[protocol=string] -
[service=string] -
{comment=string} -
{flags=string} -
{network=string} -
{output-network=string} -
{rulename=string} -
{table=string}The table to add the rule to. Valid values are 'filter', 'nat', 'mangle', and 'raw'. If this parameter is not specified, it defaults to 'filter'
-
stack add firewall network=public service="ssh" protocol="tcp" action="ACCEPT" chain="INPUT" flags="-m state --state NEW" table="filter" rulename="accept_public_ssh"Accept TCP packets for the ssh service on the public network on the INPUT chain in the "filter" table and apply the "-m state --state NEW" flags to the rule. If 'eth1' is associated with the public network, this will be translated as the following iptables rule: "-A INPUT -i eth1 -p tcp --dport ssh -m state --state NEW -j ACCEPT"
-
stack add firewall network=private service="all" protocol="all" action="ACCEPT" chain="INPUT"Accept all protocols and all services on the private network on the INPUT chain. If 'eth0' is the private network, then this will be translated as the following iptables rule: "-A INPUT -i eth0 -j ACCEPT"
Checkout our Google Group or our Slack Team for any support or other questions.
Want to contribute to this Wiki? Fork it and send a pull request.
-
add
- add api blacklist command
- add api group
- add api group perms
- add api sudo command
- add api user
- add api user group
- add api user perms
- add appliance
- add appliance attr
- add appliance firewall
- add appliance route
- add appliance storage controller
- add appliance storage partition
- add attr
- add bootaction
- add box
- add cart
- add copyright
- add environment
- add environment attr
- add environment firewall
- add environment route
- add environment storage controller
- add environment storage partition
- add firewall
- add firmware
- add firmware imp
- add firmware make
- add firmware model
- add firmware version_regex
- add group
- add host
- add host attr
- add host bonded
- add host bridge
- add host firewall
- add host firmware mapping
- add host group
- add host interface
- add host interface alias
- add host key
- add host message
- add host partition
- add host route
- add host storage controller
- add host storage partition
- add network
- add os attr
- add os firewall
- add os route
- add os storage controller
- add os storage partition
- add pallet
- add pallet tag
- add route
- add storage controller
- add storage partition
- add switch host
- add switch partition
- add switch partition member
- compile
- config
- create
- disable
- dump
- enable
- help
- iterate
- list
- load
- pack
- remove
- report
- run
- set
- swap
- sync
- unload
- verify