8i | 9i | 10g | 11g | 12c | 13c | 18c | 19c | Misc | PL/SQL | SQL | RAC | WebLogic | Linux

Home » Articles » Vm » Here

Oracle Cloud Infrastructure (OCI) : Amend Firewall Rules

This article shows how to create a compute virtual machine under Oracle Cloud Infrastructure (OCI).

This is a really simple example of allow access to a service. It's not meant to be a recommendation or best practice.

Related articles.


This article assumes you've already defined a compute VM under Oracle Cloud Infrastructure (OCI). You can see how to do that here.

VM Setup

It's important to remember the local firewall running in the VM. It's really easy to get confused thinking the you are adjusting this when using the OCI network security features. You are not!

We need something to test, so in this example we will install and start the default Tomcat from the Yum repository. The following are run as the "root" user.

yum install -y tomcat tomcat-webapps tomcat-admin-webapps
systemctl enable tomcat
systemctl start tomcat

We also need to punch a hole in the local firewall running on the VM to allow traffic through to port 8080. Once again, these commands should run as the "root" user.

firewall-cmd --permanent --zone=public --add-port=8080/tcp
firewall-cmd --reload

Amend Security List

Navigate to the detail page for the virtual machine you are interested in. Click on the "Virtual Cloud Network" associated with the VM.

Oracle Cloud Infrastructure : VM Detail

On the Virtual Cloud Network (VCN) detail page, click on the "Security Lists" link.

Oracle Cloud Infrastructure : VM Detail

Click on the default security list, assuming you are using that list.

Oracle Cloud Infrastructure : VM Detail

Click the "Edit Rules" button.

Oracle Cloud Infrastructure : VM Detail

Either click the "+Another Ingress Rule" button and fill in a new rule, or just add the new port(s) to the existing port 22 rule, as shown below. The result is the same once saved. When you are finished, click the "Save Security List Rules" button.

Oracle Cloud Infrastructure : VM Detail

You can now access Tomcat using the following URL, adjusted to match your public IP address.

For more information see:

Hope this helps. Regards Tim...

Back to the Top.