By default, the Compute Gateway blocks traffic to all uplinks. Add Compute Gateway firewall rules to allow traffic as needed.
All traffic attempting to pass through the firewall is subjected to the rules in the order shown in the rules table, beginning at the top. A packet allowed by the first rule is passed on to the second rule, and so on through subsequent rules until the packet is dropped, rejected, or hits a default rule.
Prerequisites
Compute Gateway firewall rules require named inventory groups for Source and Destination values. See Add or Modify a Compute Group.
Procedure
What to do next
You can take any or all of these optional actions with an existing firewall rule.
- Click the gear icon to view or modify rule logging settings. Log entries are sent to the VMware vRealize Log Insight Cloud Service. See Using vRealize Log Insight Cloud in the VMware Cloud on AWS Operations Guide.
- Click the graph icon to view Rule Hits and Flow statistics for the rule.

  Table 1. Rule Hits Statistics

  | Statistic | Description |
  | --- | --- |
  | Popularity Index | Number of times the rule was triggered in the past 24 hours. |
  | Hit Count | Number of times the rule was triggered since it was created. |

  Table 2. Flow Statistics

  | Statistic | Description |
  | --- | --- |
  | Packet Count | Total packet flow through this rule. |
  | Byte Count | Total byte flow through this rule. |

- Reorder firewall rules.

  A rule created from the ADD NEW RULE button is placed at the top of the list of rules. Firewall rules are applied in order from top to bottom. To change the position of a rule in the list, select it and drag it to a new position. Click PUBLISH to publish the change.