Menu Close

Chapter 29. firewall

This chapter describes the commands under the firewall command.

29.1. firewall group create

Create a new firewall group

Usage:

openstack firewall group create [-h] [-f {json,shell,table,value,yaml}]
                                       [-c COLUMN] [--max-width <integer>]
                                       [--fit-width] [--print-empty]
                                       [--noindent] [--prefix PREFIX]
                                       [--name NAME]
                                       [--description <description>]
                                       [--ingress-firewall-policy <ingress-firewall-policy> | --no-ingress-firewall-policy]
                                       [--egress-firewall-policy <egress-firewall-policy> | --no-egress-firewall-policy]
                                       [--public | --private | --share | --no-share]
                                       [--enable | --disable]
                                       [--project <project>]
                                       [--project-domain <project-domain>]
                                       [--port <port> | --no-port]

Table 29.1. Table Formatter

ValueSummary

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

Table 29.2. Output Formatters

ValueSummary

output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

Table 29.3. JSON Formatter

ValueSummary

--noindent

Whether to disable indenting the json

Table 29.4. Optional Arguments

ValueSummary

--share

Share the firewall group to be used in all projects (by default, it is restricted to be used by the current project).

--no-port

Detach all port from the firewall group

--disable

Disable firewall group

--public

Make the firewall group public, which allows it to be used in all projects (as opposed to the default, which is to restrict its use to the current project). This option is deprecated and would be removed in R release.

--no-egress-firewall-policy

Detach egress firewall policy from the firewall group

--enable

Enable firewall group

--project-domain <project-domain>

Domain the project belongs to (name or id). this can be used in case collisions between project names exist.

--egress-firewall-policy <egress-firewall-policy>

Egress firewall policy (name or id)

--project <project>

Owner’s project (name or id)

--no-share

Restrict use of the firewall group to the current project

--no-ingress-firewall-policy

Detach ingress firewall policy from the firewall group

--private

Restrict use of the firewall group to the current project. This option is deprecated and would be removed in R release.

--port <port>

Port(s) (name or id) to apply firewall group. this option can be repeated

--name NAME

Name for the firewall group

-h, --help

Show this help message and exit

--description <description>

Description of the firewall group

--ingress-firewall-policy <ingress-firewall-policy>

Ingress firewall policy (name or id)

Table 29.5. Shell Formatter

ValueSummary

a format a UNIX shell can parse (variable="value")--prefix PREFIX

Add a prefix to all variable names

29.2. firewall group delete

Delete firewall group(s)

Usage:

openstack firewall group delete [-h]
                                       <firewall-group> [<firewall-group> ...]

Table 29.6. Positional Arguments

ValueSummary

<firewall-group>

Firewall group(s) to delete (name or id)

Table 29.7. Optional Arguments

ValueSummary

-h, --help

Show this help message and exit

29.3. firewall group list

List firewall groups

Usage:

openstack firewall group list [-h] [-f {csv,json,table,value,yaml}]
                                     [-c COLUMN] [--max-width <integer>]
                                     [--fit-width] [--print-empty]
                                     [--noindent]
                                     [--quote {all,minimal,none,nonnumeric}]
                                     [--sort-column SORT_COLUMN] [--long]

Table 29.8. Table Formatter

ValueSummary

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

Table 29.9. CSV Formatter

ValueSummary

--quote {all,minimal,none,nonnumeric}

When to include quotes, defaults to nonnumeric

Table 29.10. Output Formatters

ValueSummary

output formatter options-f {csv,json,table,value,yaml}, --format {csv,json,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

--sort-column SORT_COLUMN

Specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

Table 29.11. JSON Formatter

ValueSummary

--noindent

Whether to disable indenting the json

Table 29.12. Optional Arguments

ValueSummary

-h, --help

Show this help message and exit

--long

List additional fields in output

29.4. firewall group policy add rule

Insert a rule into a given firewall policy

Usage:

openstack firewall group policy add rule [-h]
                                                [--insert-before <firewall-rule>]
                                                [--insert-after <firewall-rule>]
                                                <firewall-policy>
                                                <firewall-rule>

Table 29.13. Positional Arguments

ValueSummary

<firewall-policy>

Firewall policy to insert rule (name or id)

<firewall-rule>

Firewall rule to be inserted (name or id)

Table 29.14. Optional Arguments

ValueSummary

--insert-after <firewall-rule>

Insert the new rule after this existing rule (name or ID)

-h, --help

Show this help message and exit

--insert-before <firewall-rule>

Insert the new rule before this existing rule (name or ID)

29.5. firewall group policy create

Create a new firewall policy

Usage:

openstack firewall group policy create [-h]
                                              [-f {json,shell,table,value,yaml}]
                                              [-c COLUMN]
                                              [--max-width <integer>]
                                              [--fit-width] [--print-empty]
                                              [--noindent] [--prefix PREFIX]
                                              [--description DESCRIPTION]
                                              [--audited | --no-audited]
                                              [--share | --public | --private | --no-share]
                                              [--project <project>]
                                              [--project-domain <project-domain>]
                                              [--firewall-rule <firewall-rule> | --no-firewall-rule]
                                              <name>

Table 29.15. Table Formatter

ValueSummary

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

Table 29.16. Positional Arguments

ValueSummary

<name>

Name for the firewall policy

Table 29.17. Output Formatters

ValueSummary

output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

Table 29.18. JSON Formatter

ValueSummary

--noindent

Whether to disable indenting the json

Table 29.19. Optional Arguments

ValueSummary

--share

Share the firewall policy to be used in all projects (by default, it is restricted to be used by the current project).

--public

Make the firewall policy public, which allows it to be used in all projects (as opposed to the default, which is to restrict its use to the current project.) This option is deprecated and would be removed in R release.

--no-audited

Disable auditing for the policy

--no-firewall-rule

Unset all firewall rules from firewall policy

--audited

Enable auditing for the policy

--project-domain <project-domain>

Domain the project belongs to (name or id). this can be used in case collisions between project names exist.

--no-share

Restrict use of the firewall policy to the current project

--firewall-rule <firewall-rule>

Firewall rule(s) to apply (name or id)

--private

Restrict use of the firewall policy to the current project.This option is deprecated and would be removed in R release.

--description DESCRIPTION

Description of the firewall policy

-h, --help

Show this help message and exit

--project <project>

Owner’s project (name or id)

Table 29.20. Shell Formatter

ValueSummary

a format a UNIX shell can parse (variable="value")--prefix PREFIX

Add a prefix to all variable names

29.6. firewall group policy delete

Delete firewall policy(s)

Usage:

openstack firewall group policy delete [-h]
                                              <firewall-policy>
                                              [<firewall-policy> ...]

Table 29.21. Positional Arguments

ValueSummary

<firewall-policy>

Firewall policy(s) to delete (name or id)

Table 29.22. Optional Arguments

ValueSummary

-h, --help

Show this help message and exit

29.7. firewall group policy list

List firewall policies

Usage:

openstack firewall group policy list [-h]
                                            [-f {csv,json,table,value,yaml}]
                                            [-c COLUMN]
                                            [--max-width <integer>]
                                            [--fit-width] [--print-empty]
                                            [--noindent]
                                            [--quote {all,minimal,none,nonnumeric}]
                                            [--sort-column SORT_COLUMN]
                                            [--long]

Table 29.23. Table Formatter

ValueSummary

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

Table 29.24. CSV Formatter

ValueSummary

--quote {all,minimal,none,nonnumeric}

When to include quotes, defaults to nonnumeric

Table 29.25. Output Formatters

ValueSummary

output formatter options-f {csv,json,table,value,yaml}, --format {csv,json,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

--sort-column SORT_COLUMN

Specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

Table 29.26. JSON Formatter

ValueSummary

--noindent

Whether to disable indenting the json

Table 29.27. Optional Arguments

ValueSummary

-h, --help

Show this help message and exit

--long

List additional fields in output

29.8. firewall group policy remove rule

Remove a rule from a given firewall policy

Usage:

openstack firewall group policy remove rule [-h]
                                                   <firewall-policy>
                                                   <firewall-rule>

Table 29.28. Positional Arguments

ValueSummary

<firewall-policy>

Firewall policy to remove rule (name or id)

<firewall-rule>

Firewall rule to remove from policy (name or id)

Table 29.29. Optional Arguments

ValueSummary

-h, --help

Show this help message and exit

29.9. firewall group policy set

Set firewall policy properties

Usage:

openstack firewall group policy set [-h] [--description DESCRIPTION]
                                           [--audited | --no-audited]
                                           [--share | --public | --private | --no-share]
                                           [--name <name>]
                                           [--firewall-rule <firewall-rule>]
                                           [--no-firewall-rule]
                                           <firewall-policy>

Table 29.30. Positional Arguments

ValueSummary

<firewall-policy>

Firewall policy to update (name or id)

Table 29.31. Optional Arguments

ValueSummary

--share

Share the firewall policy to be used in all projects (by default, it is restricted to be used by the current project).

--public

Make the firewall policy public, which allows it to be used in all projects (as opposed to the default, which is to restrict its use to the current project.) This option is deprecated and would be removed in R release.

--no-audited

Disable auditing for the policy

--no-firewall-rule

Remove all firewall rules from firewall policy

--audited

Enable auditing for the policy

--no-share

Restrict use of the firewall policy to the current project

--firewall-rule <firewall-rule>

Firewall rule(s) to apply (name or id)

--private

Restrict use of the firewall policy to the current project.This option is deprecated and would be removed in R release.

--description DESCRIPTION

Description of the firewall policy

-h, --help

Show this help message and exit

--name <name>

Name for the firewall policy

29.10. firewall group policy show

Display firewall policy details

Usage:

openstack firewall group policy show [-h]
                                            [-f {json,shell,table,value,yaml}]
                                            [-c COLUMN]
                                            [--max-width <integer>]
                                            [--fit-width] [--print-empty]
                                            [--noindent] [--prefix PREFIX]
                                            <firewall-policy>

Table 29.32. Table Formatter

ValueSummary

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

Table 29.33. Positional Arguments

ValueSummary

<firewall-policy>

Firewall policy to show (name or id)

Table 29.34. Output Formatters

ValueSummary

output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

Table 29.35. JSON Formatter

ValueSummary

--noindent

Whether to disable indenting the json

Table 29.36. Optional Arguments

ValueSummary

-h, --help

Show this help message and exit

Table 29.37. Shell Formatter

ValueSummary

a format a UNIX shell can parse (variable="value")--prefix PREFIX

Add a prefix to all variable names

29.11. firewall group policy unset

Unset firewall policy properties

Usage:

openstack firewall group policy unset [-h]
                                             [--firewall-rule <firewall-rule> | --all-firewall-rule]
                                             [--audited] [--share] [--public]
                                             <firewall-policy>

Table 29.38. Positional Arguments

ValueSummary

<firewall-policy>

Firewall policy to unset (name or id)

Table 29.39. Optional Arguments

ValueSummary

--share

Restrict use of the firewall policy to the current project

--public

Restrict use of the firewall policy to the current project. This option is deprecated and would be removed in R release.

--audited

Disable auditing for the policy

--all-firewall-rule

Remove all firewall rules from the firewall policy

--firewall-rule <firewall-rule>

Remove firewall rule(s) from the firewall policy (name or ID)

-h, --help

Show this help message and exit

29.12. firewall group rule create

Create a new firewall rule

Usage:

openstack firewall group rule create [-h]
                                            [-f {json,shell,table,value,yaml}]
                                            [-c COLUMN]
                                            [--max-width <integer>]
                                            [--fit-width] [--print-empty]
                                            [--noindent] [--prefix PREFIX]
                                            [--name <name>]
                                            [--description <description>]
                                            [--protocol {tcp,udp,icmp,any}]
                                            [--action {allow,deny,reject}]
                                            [--ip-version <ip-version>]
                                            [--source-ip-address <source-ip-address> | --no-source-ip-address]
                                            [--destination-ip-address <destination-ip-address> | --no-destination-ip-address]
                                            [--source-port <source-port> | --no-source-port]
                                            [--destination-port <destination-port> | --no-destination-port]
                                            [--public | --private | --share | --no-share]
                                            [--enable-rule | --disable-rule]
                                            [--project <project>]
                                            [--project-domain <project-domain>]

Table 29.40. Table Formatter

ValueSummary

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

Table 29.41. Output Formatters

ValueSummary

output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

Table 29.42. JSON Formatter

ValueSummary

--noindent

Whether to disable indenting the json

Table 29.43. Optional Arguments

ValueSummary

--destination-port <destination-port>

Destination port number or range(integer in [1, 65535] or range like 123:456)

--no-destination-ip-address

Detach destination ip address

--source-ip-address <source-ip-address>

Source ip address or subnet

--share

Share the firewall rule to be used in all projects (by default, it is restricted to be used by the current project).

--no-source-ip-address

Detach source ip address

--private

Restrict use of the firewall rule to the current project.This option is deprecated and would be removed in R release.

--enable-rule

Enable this rule (default is enabled)

--name <name>

Name of the firewall rule

--no-source-port

Detach source port number or range

--destination-ip-address <destination-ip-address>

Destination ip address or subnet

-h, --help

Show this help message and exit

--description <description>

Description of the firewall rule

--project-domain <project-domain>

Domain the project belongs to (name or id). this can be used in case collisions between project names exist.

--action {allow,deny,reject}

Action for the firewall rule

--ip-version <ip-version>

Set ip version 4 or 6 (default is 4)

--source-port <source-port>

Source port number or range(integer in [1, 65535] or range like 123:456)

--no-share

Restrict use of the firewall rule to the current project

--no-destination-port

Detach destination port number or range

--project <project>

Owner’s project (name or id)

--disable-rule

Disable this rule

--public

Make the firewall policy public, which allows it to be used in all projects (as opposed to the default, which is to restrict its use to the current project). This option is deprecated and would be removed in R Release

--protocol {tcp,udp,icmp,any}

Protocol for the firewall rule

Table 29.44. Shell Formatter

ValueSummary

a format a UNIX shell can parse (variable="value")--prefix PREFIX

Add a prefix to all variable names

29.13. firewall group rule delete

Delete firewall rule(s)

Usage:

openstack firewall group rule delete [-h]
                                            <firewall-rule>
                                            [<firewall-rule> ...]

Table 29.45. Positional Arguments

ValueSummary

<firewall-rule>

Firewall rule(s) to delete (name or id)

Table 29.46. Optional Arguments

ValueSummary

-h, --help

Show this help message and exit

29.14. firewall group rule list

List firewall rules that belong to a given tenant

Usage:

openstack firewall group rule list [-h]
                                          [-f {csv,json,table,value,yaml}]
                                          [-c COLUMN] [--max-width <integer>]
                                          [--fit-width] [--print-empty]
                                          [--noindent]
                                          [--quote {all,minimal,none,nonnumeric}]
                                          [--sort-column SORT_COLUMN] [--long]

Table 29.47. Table Formatter

ValueSummary

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

Table 29.48. CSV Formatter

ValueSummary

--quote {all,minimal,none,nonnumeric}

When to include quotes, defaults to nonnumeric

Table 29.49. Output Formatters

ValueSummary

output formatter options-f {csv,json,table,value,yaml}, --format {csv,json,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

--sort-column SORT_COLUMN

Specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

Table 29.50. JSON Formatter

ValueSummary

--noindent

Whether to disable indenting the json

Table 29.51. Optional Arguments

ValueSummary

-h, --help

Show this help message and exit

--long

List additional fields in output

29.15. firewall group rule set

Set firewall rule properties

Usage:

openstack firewall group rule set [-h] [--name <name>]
                                         [--description <description>]
                                         [--protocol {tcp,udp,icmp,any}]
                                         [--action {allow,deny,reject}]
                                         [--ip-version <ip-version>]
                                         [--source-ip-address <source-ip-address> | --no-source-ip-address]
                                         [--destination-ip-address <destination-ip-address> | --no-destination-ip-address]
                                         [--source-port <source-port> | --no-source-port]
                                         [--destination-port <destination-port> | --no-destination-port]
                                         [--public | --private | --share | --no-share]
                                         [--enable-rule | --disable-rule]
                                         <firewall-rule>

Table 29.52. Positional Arguments

ValueSummary

<firewall-rule>

Firewall rule to set (name or id)

Table 29.53. Optional Arguments

ValueSummary

--share

Share the firewall rule to be used in all projects (by default, it is restricted to be used by the current project).

--no-source-ip-address

Detach source ip address

--source-ip-address <source-ip-address>

Source ip address or subnet

--ip-version <ip-version>

Set ip version 4 or 6 (default is 4)

--private

Restrict use of the firewall rule to the current project.This option is deprecated and would be removed in R release.

--no-source-port

Detach source port number or range

--name <name>

Name of the firewall rule

--enable-rule

Enable this rule (default is enabled)

--destination-port <destination-port>

Destination port number or range(integer in [1, 65535] or range like 123:456)

--source-port <source-port>

Source port number or range(integer in [1, 65535] or range like 123:456)

--disable-rule

Disable this rule

--no-share

Restrict use of the firewall rule to the current project

--no-destination-port

Detach destination port number or range

--no-destination-ip-address

Detach destination ip address

--destination-ip-address <destination-ip-address>

Destination ip address or subnet

-h, --help

Show this help message and exit

--description <description>

Description of the firewall rule

--protocol {tcp,udp,icmp,any}

Protocol for the firewall rule

--action {allow,deny,reject}

Action for the firewall rule

--public

Make the firewall policy public, which allows it to be used in all projects (as opposed to the default, which is to restrict its use to the current project). This option is deprecated and would be removed in R Release

29.16. firewall group rule show

Display firewall rule details

Usage:

openstack firewall group rule show [-h]
                                          [-f {json,shell,table,value,yaml}]
                                          [-c COLUMN] [--max-width <integer>]
                                          [--fit-width] [--print-empty]
                                          [--noindent] [--prefix PREFIX]
                                          <firewall-rule>

Table 29.54. Table Formatter

ValueSummary

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

Table 29.55. Positional Arguments

ValueSummary

<firewall-rule>

Firewall rule to display (name or id)

Table 29.56. Output Formatters

ValueSummary

output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

Table 29.57. JSON Formatter

ValueSummary

--noindent

Whether to disable indenting the json

Table 29.58. Optional Arguments

ValueSummary

-h, --help

Show this help message and exit

Table 29.59. Shell Formatter

ValueSummary

a format a UNIX shell can parse (variable="value")--prefix PREFIX

Add a prefix to all variable names

29.17. firewall group rule unset

Unset firewall rule properties

Usage:

openstack firewall group rule unset [-h] [--source-ip-address]
                                           [--destination-ip-address]
                                           [--source-port]
                                           [--destination-port] [--share]
                                           [--public] [--enable-rule]
                                           <firewall-rule>

Table 29.60. Positional Arguments

ValueSummary

<firewall-rule>

Firewall rule to unset (name or id)

Table 29.61. Optional Arguments

ValueSummary

--share

Restrict use of the firewall rule to the current project

--public

Restrict use of the firewall rule to the current project. This option is deprecated and would be removed in R Release.

--enable-rule

Disable this rule

--destination-port

Destination port number or range(integer in [1, 65535] or range like 123:456)

--source-ip-address

Source ip address or subnet

-h, --help

Show this help message and exit

--destination-ip-address

Destination ip address or subnet

--source-port

Source port number or range(integer in [1, 65535] or range like 123:456)

29.18. firewall group set

Set firewall group properties

Usage:

openstack firewall group set [-h] [--name NAME]
                                    [--description <description>]
                                    [--ingress-firewall-policy <ingress-firewall-policy> | --no-ingress-firewall-policy]
                                    [--egress-firewall-policy <egress-firewall-policy> | --no-egress-firewall-policy]
                                    [--public | --private | --share | --no-share]
                                    [--enable | --disable] [--port <port>]
                                    [--no-port]
                                    <firewall-group>

Table 29.62. Positional Arguments

ValueSummary

<firewall-group>

Firewall group to update (name or id)

Table 29.63. Optional Arguments

ValueSummary

--share

Share the firewall group to be used in all projects (by default, it is restricted to be used by the current project).

--no-port

Detach all port from the firewall group

--disable

Disable firewall group

--public

Make the firewall group public, which allows it to be used in all projects (as opposed to the default, which is to restrict its use to the current project). This option is deprecated and would be removed in R release.

--no-egress-firewall-policy

Detach egress firewall policy from the firewall group

--enable

Enable firewall group

--egress-firewall-policy <egress-firewall-policy>

Egress firewall policy (name or id)

--no-share

Restrict use of the firewall group to the current project

--no-ingress-firewall-policy

Detach ingress firewall policy from the firewall group

--private

Restrict use of the firewall group to the current project. This option is deprecated and would be removed in R release.

--port <port>

Port(s) (name or id) to apply firewall group. this option can be repeated

--name NAME

Name for the firewall group

-h, --help

Show this help message and exit

--description <description>

Description of the firewall group

--ingress-firewall-policy <ingress-firewall-policy>

Ingress firewall policy (name or id)

29.19. firewall group show

Display firewall group details

Usage:

openstack firewall group show [-h] [-f {json,shell,table,value,yaml}]
                                     [-c COLUMN] [--max-width <integer>]
                                     [--fit-width] [--print-empty]
                                     [--noindent] [--prefix PREFIX]
                                     <firewall-group>

Table 29.64. Table Formatter

ValueSummary

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

Table 29.65. Positional Arguments

ValueSummary

<firewall-group>

Firewall group to show (name or id)

Table 29.66. Output Formatters

ValueSummary

output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

Table 29.67. JSON Formatter

ValueSummary

--noindent

Whether to disable indenting the json

Table 29.68. Optional Arguments

ValueSummary

-h, --help

Show this help message and exit

Table 29.69. Shell Formatter

ValueSummary

a format a UNIX shell can parse (variable="value")--prefix PREFIX

Add a prefix to all variable names

29.20. firewall group unset

Unset firewall group properties

Usage:

openstack firewall group unset [-h] [--port <port> | --all-port]
                                      [--ingress-firewall-policy]
                                      [--egress-firewall-policy]
                                      [--public | --share] [--enable]
                                      <firewall-group>

Table 29.70. Positional Arguments

ValueSummary

<firewall-group>

Firewall group to unset (name or id)

Table 29.71. Optional Arguments

ValueSummary

--share

Restrict use of the firewall group to the current project

--all-port

Remove all ports for this firewall group

--public

Make the firewall group public, which allows it to be used in all projects (as opposed to the default, which is to restrict its use to the current project). This option is deprecated and would be removed in R release.

--enable

Disable firewall group

--ingress-firewall-policy

Ingress firewall policy (name or id) to delete

--egress-firewall-policy

Egress firewall policy (name or id) to delete

--port <port>

Port(s) (name or id) to apply firewall group. this option can be repeated

-h, --help

Show this help message and exit