When you specify an incorrect rule, such as:
[jschmidt@pepper bin]$ sdc-createfirewallrule --rule "FROM subnet 63.246.133.86/31 to all vms block tcp" --enable
The error message is a bit misleading:
sdc-createfirewallrule: error (InvalidParameters): Invalid parameters (rule: Error at character 0: '', expected: 'FROM', found: empty string)
Other messages are more helpful:
[jschmidt@pepper bin]$ sdc-createfirewallrule --rule "FROM subnet 63.246.133.86/31 to all block tcp" --enable
sdc-createfirewallrule: error (InvalidParameters): Invalid parameters (rule: Error at character 35: 'block', expected: 'VMS', found: BLOCK)
[jschmidt@pepper bin]$ sdc-createfirewallrule --rule "FROM 63.246.133.86/31 to all vms block tcp"
sdc-createfirewallrule: error (InvalidParameters): Invalid parameters (rule: Error at character 4: '63.246.133.86', expected: '(', 'all', 'any', 'ip', 'subnet', 'vm', 'tag', found: IPADDR)
Correct syntax works correctly:
[jschmidt@pepper bin]$ sdc-createfirewallrule --rule "FROM subnet 63.246.133.86/31 to all vms block tcp port all" --enable
{
"id": "c1791b4a-bcff-466f-a44c-d906c7594210",
"rule": "FROM subnet 63.246.133.86/31 TO all vms BLOCK tcp PORT all",
"enabled": true
}
When you specify an incorrect rule, such as:
The error message is a bit misleading:
Other messages are more helpful:
Correct syntax works correctly: