Assign the cloud firewall to the cloud router port and disconnect from the port
Assign the cloud firewall to the cloud router port and disconnect from the port
Assign a firewall to a router port
You cannot assign more than one firewall to a single router port.
carefully
Inbound and outbound traffic that is not allowed in the cloud firewall rules will be denied on the cloud router port. Active sessions on the router that cannot be established by the new rules will be interrupted.
Control panel
OpenStack CLI
- In control panel go to Cloud platform → Firewalls.
- Open the firewall page → tab Ports.
- Click Assign to port.
- Select the private subnet connected to the cloud router for which you want to configure traffic filtering.
- Click Assign to port.
- Click Assign.
-
Assign a firewall to the router port:
openstack firewall group set --port <router_port> <firewall>Specify:
<router_port>— The ID or port name of the router to which the firewall will be assigned. You can view the list byopenstack port list. To assign a firewall to more than one router port, list their names or IDs separated by a space;<firewall>— ID or name of the firewall. You can view the list byopenstack firewall group list.
Disconnect the firewall from the router port
carefully
The cloud firewall rules will no longer apply — all inbound and outbound traffic that passes through the cloud router port will be allowed.
Control panel
OpenStack CLI
- In control panel go to Cloud platform → Firewalls.
- Open the firewall page → tab Ports.
- On the router's port bar, click .
- Click Disconnect.
-
Disconnect the firewall from the router port:
openstack firewall group unset --port <router_port> <firewall>Specify:
<router_port>— The ID or port name of the router from which the firewall will be disconnected. You can view the list byopenstack port list;<firewall>— ID or name of the firewall. You can view the list byopenstack firewall group list.