| *** mhen_ is now known as mhen | 01:36 | |
| LarsErikP | Hi! I have a case, that I don't think there are any trivial solutions to, other than FWaaS. I have VMs that would need internet access, but at the same time we want to block egress traffic to some given CIDRs.. Thoughts? | 12:29 |
|---|---|---|
| *** d34dh0r5- is now known as d34dh0r53 | 13:52 | |
| auniyal | LarsErikP, security groups won't help ? | 14:23 |
| -opendevstatus- NOTICE: Gerrit is going to be restarted to pick up a small config update. You will notice a short outage of the service. | 15:32 | |
| LarsErikP | auniyal: nah, because you can not create deny-rules | 16:24 |
| LarsErikP | if that was possible, it would be very easy. Allow any egress, deny 32.0.0.0/24. But that's not possible with SG's.. | 16:25 |
| LarsErikP | So the alternative is.. allow egress to ~all CIDRs, except the few you want to block.. that could be.. a lot of rules :P depending on how much you can summarize | 16:30 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!