neutron 創建安全組會有兩條默認的出口規則
Direction | Ether Type | IP Protocol | Port Range | Remote IP Prefix | Remote Security Group | Actions | |
|---|---|---|---|---|---|---|---|
| Egress | IPv6 | Any | Any | ::/0 | - | Delete Rule | |
| Egress | IPv4 | Any | Any | 0.0.0.0/0 | - |
遇到的需求要修改它,
找了數據庫,配置文件後,在源代碼中找到了他
位置 neutron/db/securitygroups_db.py
def create_security_group(self, context, security_group, default_sg=False):
for ethertype in ext_sg.sg_supported_ethertypes:
if default_sg:
# Allow intercommunication
ingress_rule = sg_models.SecurityGroupRule(
id=uuidutils.generate_uuid(), tenant_id=tenant_id,
security_group=security_group_db,
direction='ingress',
ethertype=ethertype,
source_group=security_group_db)
context.session.add(ingress_rule)
修改這段內容,完成目的。