OpenStack Compute (nova)

how to block outbound traffice from VM

Asked by Hao Li

By reading the security group description http://docs.openstack.org/diablo/openstack-compute/starter/content/Security_Overview-d1e2505.html, I know I can use security group to block incoming traffic for a VM. But I still need to block some outgoing traffic from a VM in cloud provider level rather than use a fire wall in the VM. Are there any commands or APIs that I can use to do this? Thanks a lot.

Question information

Language:
English Edit question
Status:
Answered
For:
OpenStack Compute (nova) Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Vish Ishaya (vishvananda) said : 		#1

This is handled by provider rules. Unfortunately, I don't think there is an api extension to manage them (There is one using the old ec2 admin api). You could manage them by editing the database directly. Or by creating an api extension to manage them!

Vish

On Nov 10, 2011, at 6:50 PM, Hao Li wrote:

> New question #178358 on OpenStack Compute (nova):
> https://answers.launchpad.net/nova/+question/178358
>
> By reading the security group description http://docs.openstack.org/diablo/openstack-compute/starter/content/Security_Overview-d1e2505.html, I know I can use security group to block incoming traffic for a VM. But I still need to block some outgoing traffic from a VM in cloud provider level rather than use a fire wall in the VM. Are there any commands or APIs that I can use to do this? Thanks a lot.
>
> --
> You received this question notification because you are a member of Nova
> Core, which is an answer contact for OpenStack Compute (nova).

Can you help with this problem?

Provide an answer of your own, or ask Hao Li for more information if necessary.

To post a message you must log in.