7.9. Adding a Rule to a Security Group
Security groups are used to specify what IP traffic is allowed to reach an instance on its public IP address. The rules defined by security groups are processed before network traffic reaches any firewall rules defined within the guest itself.
Note
In the default configuration, the 'default' security group accepts all connections from the 'default' source; all instances with the 'default' group can talk to each other on any port.
Procedure 7.9. Adding a Rule to a Security Group using the Dashboard
- Log in to the Dashboard.
- In the Project tab, click on under the menu.
- In the Security Groups tab click the button on the row for the
defaultsecurity group.The Edit Security Group Rules: default page is displayed. - Click the button. The Add Rule window is displayed.
- Configure the rule.
- Select the desired rule template or use custom rules from the Rule dropdown list.
- Select the Direction from the dropdown list.
- Define the port or ports to which the rule will apply using the Open Port field:
Port- Define a specific port in the Port field.Port Range- Define the port range using the From Port and To Port fields.
- Specify the source of the traffic to be allowed via this rule using the Remote field.You can choose to do so either in the form of an IP address block (CIDR) or via a source group (Security Group).
CIDR- Enter a specific IP address in the CIDR field using the Classless Inter-Domain Routing (CIDR) notation. A value of 0.0.0.0/0 allows connections from all IP addresses.Security Group- Select the Security Group and Ether Type fields.
- Click the button to add the new rule to the security group.
You have successfully added a rule to a security group using the Dashboard. It is now possible to connect to instances that use the altered security group from the specified IP address block and using the specified ports and protocol.