openstack neutron-修改新创建安全组的默认规则
neutron 创建安全组会有两条默认的出口规则Direction
Ether Type
IP Protocol
Port Range
Remote IP Prefix
Remote Security Group
Actions
EgressIPv6AnyAny::/0-Delete Rule
EgressIPv4AnyAny0.0.0.0/0-
遇到的需求要修改它,
找了数据库,配置文件后,在源代码中找到了他
位置 neutron/db/securitygroups_db.py
def create_security_group(self, context, security_group, default_sg=False):
for ethertype in ext_sg.sg_supported_ethertypes:
if default_sg:
# Allow intercommunication
ingress_rule = sg_models.SecurityGroupRule(
id=uuidutils.generate_uuid(), tenant_id=tenant_id,
security_group=security_group_db,
direction='ingress',
ethertype=ethertype,
source_group=security_group_db)
context.session.add(ingress_rule)
修改这段内容,完成目的。
页:
[1]