1. As far as I know, the default sg would be populated by plugin - e.g. ovs, ml2 - with _ensure_default_security_group, which allow egress to all destination and ingress originated from the same sg only.
2. The default rules in default sg cannot be changed. hope it helps, *Best Regards, Xiaolin Zhang* On Thu, Mar 20, 2014 at 5:51 PM, Ruzicka, Marek <[email protected]>wrote: > I second that question… > > > > We have a registration system that is creating users/tenants/etc and also > taking care of these security groups (deleting defaults, creating custom > ones). > > If it was possible to configure default sec groups, it would be one less > thing to deal with. > > > > Marek > > > > *From:* Nick Maslov [mailto:[email protected]] > *Sent:* 20. marca 2014 10:32 > *To:* [email protected] > *Cc:* Maxim Bashkirov > *Subject:* [Openstack] neutron default security groups > > > > Hi, > > > > Whenever I create new tenant, it creates an security group for this > tenant. Rules are always the same - no ingress traffic allowed at all. > > > > Is there a way to create security group, that will have all traffic > allowed and will be used for each and every new tenant? > > > > Thanks, > > NM > > > > -- > Nick Maslov > Sent with Airmail > > _______________________________________________ > Mailing list: > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : [email protected] > Unsubscribe : > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > >
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : [email protected] Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
