neutron 创建安全组会有两条默认的出口规则
| Direction |
Ether Type |
IP Protocol |
Port Range |
Remote IP Prefix |
Remote Security Group |
Actions |
|
|---|---|---|---|---|---|---|---|
| Egress | IPv6 | Any | Any | ::/0 | - | Delete Rule | |
| Egress | IPv4 | Any | Any | 0.0.0.0/0 | - |
遇到的需求要修改它,
找了数据库,配置文件后,在源代码中找到了他
位置 neutron/db/securitygroups_db.py
def create_security_group(self, context, security_group, default_sg=False):
for ethertype in ext_sg.sg_supported_ethertypes:
if default_sg:
# Allow intercommunication
ingress_rule = sg_models.SecurityGroupRule(
id=uuidutils.generate_uuid(), tenant_id=tenant_id,
security_group=security_group_db,
direction='ingress',
ethertype=ethertype,
source_group=security_group_db)
context.session.add(ingress_rule)
修改这段内容,完成目的。
本文转自 superbigsea 51CTO博客,原文链接:http://blog.51cto.com/superbigsea/1860311
