Security group rules are formatted as follows:
{Protocol},{IP Range},{Port Range};
The three parameters must be separated by commas, and each rule must end with a semicolon. There must not be more than three parameters in one rule. There can be no limit to the number of individual rules the plugin can create, as long as each rule is formatted in the style above and is unique.

Note that if no CIDR notation (the "/32" at the end of the IP address), the default value of [/32] will be used.

Protocol

Can be either [tcp] or [udp]
e.g. [tcp,98.10.84.187/32,22;]

IP Range

The IP address to allow connections from
To allow a connection from a specific IP address, add enter it like: [98.10.84.187/32]
To allow a connection from any IP address, use [0.0.0.0/0]

Port Range

The port number or range to open
Can be a single port or a port range
To open a single port, just enter the port number. [22]
To open a range, use a hyphen to separate the starting and ending ports. [5900-5910]

Examples

To allow SSH (port 22) to all IP addresses: [tcp,0.0.0.0/0,22;]
To allow VNC (ports 5900 through 5910) to 98.10.84.187: [tcp,98.10.84.187/32,5900-5910;]
To create several rules at once:

tcp, 98.10.84.187/32,21-22;
tcp, 98.10.84.172/32,21-22;
tcp,98.10.84.187/32,5900-5910;
tcp,0.0.0.0/0,80;