Modifying a Firewall Rule

Scenarios

Modify an inbound or outbound firewall rule based on your network security requirements.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. On the console homepage, under Network, click Virtual Private Cloud.
  4. In the navigation pane on the left, choose Access Control > Firewalls.
  5. Locate the target firewall in the right pane, and click the firewall name to switch to the page showing details of that particular firewall.
  6. On the Inbound Rules or Outbound Rules tab, locate the target rule and click Modify in the Operation column. In the displayed dialog box, configure parameters as prompted. Table 1 lists the parameters to be configured.
    Figure 1 Modify Rule
    Table 1 Parameter description

    | Parameter | Description | Example Value |
    |---|---|---|
    | Action | Specifies the action in the firewall. This parameter is mandatory. You can select a value from the drop-down list. Currently, the value can be Permit or Deny. | Permit |
    | Protocol | Specifies the protocol supported by the firewall. This parameter is mandatory. You can select a value from the drop-down list. The value can be TCP, UDP, All, or ICMP. If ICMP or All is selected, you do not need to specify port information. | TCP |
    | Source | Specifies the source IP address from which the traffic is permitted. The default value is 0.0.0.0/0, which indicates that traffic from all IP addresses is permitted. For example: xxx.xxx.xxx.xxx/32 (IP address); xxx.xxx.xxx.0/24 (CIDR block); 0.0.0.0/0 (any IP address) | 0.0.0.0/0 |
    | Source Port Range | Specifies the source port number or port number range. The value ranges from 1 to 65535. For a port number range, enter two port numbers connected by a hyphen (-). For example, 1-100. You must specify this parameter if TCP or UDP is selected for Protocol. | 22 or 22-30 |
    | Destination | Specifies the destination IP address to which the traffic is permitted. The default value is 0.0.0.0/0, which indicates that traffic to all IP addresses is permitted. For example: xxx.xxx.xxx.xxx/32 (IP address); xxx.xxx.xxx.0/24 (CIDR block); 0.0.0.0/0 (any IP address) | 0.0.0.0/0 |
    | Destination Port Range | Specifies the destination port number or port number range. The value ranges from 1 to 65535. For a port number range, enter two port numbers connected by a hyphen (-). For example, 1-100. You must specify this parameter if TCP or UDP is selected for Protocol. | 22 or 22-30 |
    | Description | Provides supplementary information about the firewall rule. This parameter is optional. The firewall rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | N/A |

  7. Click OK.

    The firewall rule is modified. The procedure for modifying an outbound firewall rule is the same as that for modifying an inbound rule.
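
The following is an added example, not part of the original guide or the vendor's tooling: a local pre-check that applies the Table 1 constraints to a planned rule change before it is entered in the console, and warns when a Permit rule keeps the 0.0.0.0/0 default on its peer side. The function names, the dict layout keyed by the Table 1 parameter names, the `direction` argument and the low-high range check are assumptions; the script calls no cloud API.

```python
import ipaddress

ACTIONS = {"Permit", "Deny"}
PROTOCOLS = {"TCP", "UDP", "All", "ICMP"}

def check_ports(value, field):
    """Validate a port ('22') or a hyphenated range ('22-30') per Table 1."""
    if not value:
        return [f"{field}: required when Protocol is TCP or UDP"]
    parts = value.split("-")
    if len(parts) > 2 or not all(p.isascii() and p.isdigit() for p in parts):
        return [f"{field}: enter one port or two ports joined by a hyphen"]
    ports = [int(p) for p in parts]
    if any(p < 1 or p > 65535 for p in ports):
        return [f"{field}: ports must be between 1 and 65535"]
    if ports[0] > ports[-1]:  # assumption: ranges are written low-high
        return [f"{field}: range start is greater than range end"]
    return []

def check_rule(rule, direction="inbound"):
    """Return (errors, warnings) for a dict keyed by the Table 1 parameter names."""
    errors, warnings = [], []
    if rule.get("Action") not in ACTIONS:
        errors.append("Action: must be Permit or Deny")
    protocol = rule.get("Protocol")
    if protocol not in PROTOCOLS:
        errors.append("Protocol: must be TCP, UDP, All, or ICMP")
    peer = "Source" if direction == "inbound" else "Destination"  # remote side
    for field in ("Source", "Destination"):
        cidr = rule.get(field, "0.0.0.0/0")  # default value per Table 1
        try:
            net = ipaddress.ip_network(cidr, strict=False)
        except ValueError:
            errors.append(f"{field}: not a valid IP address or CIDR block")
            continue
        if field == peer and net.prefixlen == 0 and rule.get("Action") == "Permit":
            warnings.append(f"{field}: {cidr} permits every IP address")
    if protocol in ("TCP", "UDP"):
        for field in ("Source Port Range", "Destination Port Range"):
            errors += check_ports(rule.get(field), field)
    description = rule.get("Description", "")
    if len(description) > 255 or "<" in description or ">" in description:
        errors.append("Description: at most 255 characters, no angle brackets")
    return errors, warnings

if __name__ == "__main__":
    constructed_sample = {"Action": "Permit", "Protocol": "TCP", "Source": "0.0.0.0/0",
                          "Source Port Range": "1-65535", "Destination Port Range": "22"}
    print(check_rule(constructed_sample, "inbound"))
```

An empty error list means the values fit the formats in Table 1; a warning marks a rule to review before clicking OK.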