Security Rules Examples


Security group rules are formatted as follows:
{Protocol},{IP Range},{Port Range};
The three parameters must be separated by commas, and each rule must end with a semicolon. A rule must not have more than three parameters. There is no limit to the number of individual rules the plugin can create, as long as each rule is formatted in the style above and is unique.

Note that if no CIDR suffix is given (the "/32" at the end of the IP address), the default value of [/32] will be used.

  

Protocol

  • Can be either [tcp] or [udp]
  • e.g. [tcp,98.10.84.187/32,22;]

 

IP Range

  • The IP address to allow connections from
  • To allow a connection from a specific IP address, enter it like: [98.10.84.187/32]
  • To allow a connection from any IP address, use [0.0.0.0/0]

 

Port Range

  • The port number or range to open
  • Can be a single port or a port range
  • To open a single port, just enter the port number. [22]
  • To open a range, use a hyphen to separate the starting and ending ports. [5900-5910]

 

Examples

  • To allow SSH (port 22) to all IP addresses: [tcp,0.0.0.0/0,22;]
  • To allow VNC (ports 5900 through 5910) to 98.10.84.187: [tcp,98.10.84.187/32,5900-5910;]
  • To create several rules at once:

tcp,98.10.84.187/32,21-22;
tcp,98.10.84.172/32,21-22;
tcp,98.10.84.187/32,5900-5910;
tcp,0.0.0.0/0,80;
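
A rule list in this format can be checked before it is handed to the plugin. The Python below is an added example, not the plugin's own code: it parses the rules, applies the /32 default, rejects malformed or duplicate rules, and reports rules that open an administrative port to any address. The names `parse_rules` and `exposed_admin_rules` are hypothetical, the sample rules are constructed, and the whitespace handling, the 1-65535 port bounds and the choice of administrative ports are assumptions.

```python
import ipaddress

# Assumption: SSH and VNC ports (from the examples above) count as administrative.
ADMIN_PORTS = {22, *range(5900, 5911)}

def parse_rules(text):
    """Parse '{Protocol},{IP Range},{Port Range};' rules into (proto, network, lo, hi)."""
    if not text.strip().endswith(";"):
        raise ValueError("each rule must end with a semicolon")
    rules = []
    for raw in text.split(";"):
        if not raw.strip():
            continue  # empty piece after the final semicolon
        # Assumption: whitespace around a parameter is ignored.
        parts = [p.strip() for p in raw.split(",")]
        if len(parts) != 3:
            raise ValueError(f"expected three parameters: {raw.strip()!r}")
        proto, ip_range, ports = parts
        if proto not in ("tcp", "udp"):
            raise ValueError(f"protocol must be tcp or udp: {proto!r}")
        # A bare address becomes a /32 network, matching the documented default.
        net = ipaddress.ip_network(ip_range, strict=False)
        bounds = ports.split("-")
        if len(bounds) > 2 or not all(b.isdigit() for b in bounds):
            raise ValueError(f"bad port range: {ports!r}")
        lo, hi = int(bounds[0]), int(bounds[-1])
        if not 1 <= lo <= hi <= 65535:
            raise ValueError(f"bad port range: {ports!r}")
        rule = (proto, net, lo, hi)
        if rule in rules:  # the same rule written with and without /32 also matches
            raise ValueError(f"duplicate rule: {raw.strip()!r}")
        rules.append(rule)
    return rules

def exposed_admin_rules(rules):
    """Return rules open to every address that cover an administrative port."""
    return [r for r in rules
            if r[1].prefixlen == 0 and any(r[2] <= p <= r[3] for p in ADMIN_PORTS)]

# Constructed sample input (203.0.113.0/24 is a documentation range).
SAMPLE = """tcp,203.0.113.10,22;
tcp,203.0.113.0/24,5900-5910;
tcp,0.0.0.0/0,80;
tcp,0.0.0.0/0,20-25;"""

if __name__ == "__main__":
    for proto, net, lo, hi in exposed_admin_rules(parse_rules(SAMPLE)):
        print(f"open to any address: {proto} {net} ports {lo}-{hi}")
```

With the sample input, only the last rule is reported: port 80 is open to any address but is not in the administrative set, while the 20-25 range includes port 22.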