update ingress and egress rules

bgraef · bgraef · commit 05df663757a3 · 2025-03-24T21:45:50.000-04:00
diff --git a/ocne2/templates/egress_security_rules.j2 b/ocne2/templates/egress_security_rules.j2
@@ -6,4 +6,24 @@
 
 instance_egress_security_rules:
   - destination: "0.0.0.0/0"
-    protocol: 6
+    protocol: 6
+{% if use_fss %}
+  - destination: "10.0.0.0/24"
+    protocol: 6
+    tcp_options:
+      source_port_range:
+        max: 111
+        min: 111
+  - destination: "10.0.0.0/24"
+    protocol: 6
+    tcp_options:
+      source_port_range:
+        max: 2050
+        min: 2048
+  - destination: "10.0.0.0/24"
+    protocol: 17
+    udp_options:
+      destination_port_range:
+        max: 111
+        min: 111
+{% endif %}
diff --git a/ocne2/templates/ingress_security_rules.j2 b/ocne2/templates/ingress_security_rules.j2
@@ -25,4 +25,31 @@ instance_ingress_security_rules:
       destination_port_range:
         max: 443
         min: 443
-{% endif %}
+{% endif %}
+{% if use_fss %}
+  - source: "10.0.0.0/24"
+    protocol: 6
+    tcp_options:
+      destination_port_range:
+        max: 111
+        min: 111
+  - source: "10.0.0.0/24"
+    protocol: 6
+    tcp_options:
+      destination_port_range:
+        max: 2050
+        min: 2048
+  - source: "10.0.0.0/24"
+    protocol: 17
+    udp_options:
+      destination_port_range:
+        max: 111
+        min: 111
+  - source: "10.0.0.0/24"
+    protocol: 17
+    udp_options:
+      destination_port_range:
+        max: 2048
+        min: 2048
+{% endif %}
+
