8i | 9i | 10g | 11g | 12c | 13c | 18c | 19c | Misc | PL/SQL | SQL | RAC | WebLogic | Linux

Home » Articles » Vm » Here

Oracle Cloud Infrastructure (OCI) : Amend Firewall Rules

This article shows how to amend the firewall rules for a virtual machine under Oracle Cloud Infrastructure (OCI).

This is a really simple example of allow access to a service. It's not meant to be a recommendation or best practice.

Related articles.

Assumptions

This article assumes you've already defined a compute VM under Oracle Cloud Infrastructure (OCI). You can see how to do that here.

VM Setup

It's important to remember the local firewall running in the VM. It's really easy to get confused thinking the you are adjusting this when using the OCI network security features. You are not!

We need something to test, so in this example we will install and start the default Tomcat from the Yum repository. The following are run as the "root" user.

yum install -y tomcat tomcat-webapps tomcat-admin-webapps
systemctl enable tomcat
systemctl start tomcat

We also need to punch a hole in the local firewall running on the VM to allow traffic through to port 8080. Once again, these commands should run as the "root" user.

firewall-cmd --permanent --zone=public --add-port=8080/tcp
firewall-cmd --reload

Amend Security List

Navigate to the detail page for the virtual machine you are interested in. Click on the "Virtual Cloud Network" associated with the VM.

Oracle Cloud Infrastructure : VM Detail

On the Virtual Cloud Network (VCN) detail page, click on the "Security Lists" link.

Oracle Cloud Infrastructure : VCN Detail

Click on the default security list, assuming you are using that list.

Oracle Cloud Infrastructure : Security List

Click the "Add Ingress Rule" button.

Oracle Cloud Infrastructure : Security List Details

Enter the details of the new rule and click the "Add Ingress Rules" button.

Oracle Cloud Infrastructure : Add Ingress Rules

The new rule is added to the list..

Oracle Cloud Infrastructure : Security List Details

You can now access Tomcat using the following URL, adjusted to match your public IP address.

http://123.123.123.123:8080/

For more information see:

Hope this helps. Regards Tim...

Back to the Top.