Creates a Firewall to filter network traffic.
-
Use
rules
to create inbound and outbound access rules. Rule versions increment from1
whenever the firewall'srules
change. -
Use
devices
to assign the firewall to a service and apply its rules to the device. Requiresread_write
user grant to the device. Currently, firewalls can be assigned to Linode compute instances and NodeBalancers. -
A Firewall can be assigned to multiple services at a time.
-
Use
firewall_id
to assign a firewall when creating a Linode. -
A service can have one assigned Firewall at a time.
-
Firewalls apply to all of a Linode's non-
vlan
purpose Configuration Profile Interfaces. -
Assigned Linodes must not have any ongoing live migrations.
-
A
firewall_create
Event is generated when this operation succeeds.
linode-cli firewalls create \
--label example-firewall \
--rules.outbound_policy ACCEPT \
--rules.inbound_policy DROP \
--rules.inbound '[{"protocol": "TCP", "ports": "22, 80, 8080, 443", "addresses": {"ipv4": ["192.0.2.0/24", "198.51.100.2/32"], "ipv6": ["2001:DB8::/128"]}, "action": "ACCEPT"}]' \
--rules.outbound '[{"protocol": "TCP", "ports": "49152-65535", "addresses": {"ipv4": ["192.0.2.0/24", "198.51.100.2/32"],"ipv6": ["2001:DB8::/128"]}, "action": "DROP", "label": "outbound-rule123", "description": "An example outbound rule description."}]'
<https://www.linode.com/docs/products/tools/cli/get-started/>
firewall:read_write
<https://techdocs.akamai.com/linode-api/reference/get-started#oauth>