[Neutron] How to enable the SCTP protal support in security-groups for Openstack-Rocky release

Brian Haley haleyb.dev at gmail.com
Mon Dec 7 19:53:42 UTC 2020


Hi,

On 12/7/20 2:28 AM, Velugubantla Praveen wrote:
> Hi Team,
> 
> In OPENSTACK security groups how to add the SMTP protocol rules, can 
> some-one please point me to the right documentation of how to add those 
> required configurations to enable SMTP and other protocols to my 
> openstack-rocky release neutron setup.
> 
> Can we add some additional protocol's above the default provided 
> security rules?
> 
> Any help or suggestion is highly appreciated. Thanks in advance.

So the email subject says SCTP, but the body says SMTP.  Assuming you 
meant SCTP it should be as simple as this to allow all SCTP in:

$ openstack security group rule create --ingress --protocol sctp default
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| created_at        | 2020-12-07T19:45:59Z                 |
| description       |                                      |
| direction         | ingress                              |
| ether_type        | IPv4                                 |
| id                | 5d2183a0-8779-44e2-a170-8cfe21352606 |
| name              | None                                 |
| port_range_max    | None                                 |
| port_range_min    | None                                 |
| project_id        | 573ef6e9362c43599e1faf26029de056     |
| protocol          | sctp                                 |
| remote_group_id   | None                                 |
| remote_ip_prefix  | 0.0.0.0/0                            |
| revision_number   | 0                                    |
| security_group_id | 63cc50d6-ace7-4575-9224-458cd8751228 |
| tags              | []                                   |
| updated_at        | 2020-12-07T19:45:59Z                 |
+-------------------+--------------------------------------+

Of course you can also specify ports, etc.

If that gives an error you can try with the protocol number, "--protocol 
132".

-Brian


> 
> Regards,
> 
> ________________________________________________________
> 
> *Velugubantla Praveen *
> 
> Engineer - Non-Media Solutions
> 
> *Communications & Media*
> 
> *L&T TECHNOLOGY SERVICES LIMITED*
> 
> L3 Building, Manyata Embassy Business Park,
> Nagawara Hobli,Bengaluru-560045
> 
> ________________________________________________________



More information about the openstack-discuss mailing list