# Create firewall rule, policy, and group rulename="BlockSMTPOutboundRule" policyname="BlockSMTPOutboundPolicy" groupname="BlockSMTPOutboundGroup" routername="Router001" routerip="192.168.100.254" openstack firewall group rule create \ --name $rulename \ --source-ip-address 0.0.0.0/0 \ --destination-ip-address 0.0.0.0/0 \ --protocol tcp \ --destination-port 25 \ --action deny \ --enable-rule ruleid=$(openstack firewall group rule show $rulename -f value -c ID) echo "ruleid: $ruleid" openstack firewall group policy create $policyname --firewall-rule $ruleid policyid=$(openstack firewall group policy show $policyname -f value -c ID) echo "policyid: $policyid" routerid=$(openstack router show $routername -f value -c id) echo "routerid: $policyid" portid=$(openstack port list --router $routerid --fixed-ip ip-address=$routerip -f value -c ID) echo "portid: $portid" openstack firewall group create \ --name $groupname \ --ingress-firewall-policy $policyid \ --egress-firewall-policy $policyid \ --enable \ --port $portid openstack firewall group show $groupname groupid=$(openstack firewall group show $groupname -f value -c ID) echo "groupid: $groupid"