since you can't add Deny rules with SGs, I find it hard to do what you want...
On Thu, 7 Nov 2019, 22:27 Fariborz Navidan, <mdvlinqu...@gmail.com> wrote: > Any idea? > > On Thu, Nov 7, 2019 at 10:22 PM Fariborz Navidan <mdvlinqu...@gmail.com> > wrote: > > > In this way it works just vice versa. I add an egress rule with a > specific > > CIDR and it only allows outbound traffic to that network. I want to do > the > > reverse. Allow all outbound traffic but not this CIDR. > > > > On Thu, Nov 7, 2019 at 9:41 PM Andrija Panic <andrija.pa...@gmail.com> > > wrote: > > > >> > >> > http://docs.cloudstack.apache.org/en/latest/adminguide/networking/security_groups.html#enabling-security-groups > >> > >> > >> It says' it all. Once you add a first EGRESS rule to the existing SG, > the > >> only that rules applies (it stopss to allow all EGRESS traffix, that it > >> does when there are no explicit EGRESS rules). > >> > >> > >> On Thu, 7 Nov 2019 at 16:46, Fariborz Navidan <mdvlinqu...@gmail.com> > >> wrote: > >> > >> > Hello, > >> > > >> > I have a shared network with default egress policy to be allowed. How > >> can I > >> > block traffic to specific outbound CIDR originating from this VM? > >> > > >> > >> > >> -- > >> > >> Andrija Panić > >> > > >