Creates a Firewall to filter network traffic.
-
Use
rulesto create inbound and outbound access rules. Rule versions increment from1whenever the firewall'sruleschange. -
Use
devicesto assign a firewall to a service such as a Linode that is using legacy config profiles, a Linode interface or a NodeBalancer. The firewall’s rules are then applied to that service. Requires aread_writeuser grant to the device.-
For Linodes using Linode interfaces, firewalls need to be assigned to
interfacesand not thelinodes. Firewall templates are available for both VPC Linode interfaces and public Linode interfaces, and come with pre-configured protection rules. -
For Linodes using legacy configuration profiles, firewalls are applied through the Linode. Public and VPC interfaces are subject to the firewall rules, while VLAN interfaces are not.
-
-
Currently, firewalls can be assigned to Linodes with legacy configuration profiles, Linode interfaces, and NodeBalancers.
- The same firewall can be assigned to multiple services at a time.
-
Use
firewall_idto assign a firewall when creating a Linode or when adding a Linode interface. -
A service can have one assigned firewall enabled at a time.
-
Assigned Linodes must not have any ongoing live migrations.
-
A
firewall_createevent is generated when this operation succeeds.
linode-cli firewalls create \
--label example-firewall \
--rules.outbound_policy ACCEPT \
--rules.inbound_policy DROP \
--rules.inbound '[{"protocol": "TCP", "ports": "22, 80, 8080, 443", "addresses": {"ipv4": ["192.0.2.0/24", "198.51.100.2/32"], "ipv6": ["2001:DB8::/128"]}, "action": "ACCEPT"}]' \
--rules.outbound '[{"protocol": "TCP", "ports": "49152-65535", "addresses": {"ipv4": ["192.0.2.0/24", "198.51.100.2/32"],"ipv6": ["2001:DB8::/128"]}, "action": "DROP", "label": "outbound-rule123", "description": "An example outbound rule description."}]'
<https://techdocs.akamai.com/cloud-computing/docs/getting-started-with-the-linode-cli>
firewall:read_write
<https://techdocs.akamai.com/linode-api/reference/get-started#oauth>