The page has been translated by Gen AI.

Migration Rules

Users can retrieve rules created in the V1 environment of the Samsung Cloud Platform Console and apply them to the V2 service.

Get firewall rules

You can import rules created in the V1 environment of the Samsung Cloud Platform Console and migrate them to the V2 service for use.

Reference
  • When a firewall rule is transferred using the Migration feature, the Migration label appears before its name.
  • If a firewall rule description exceeds 100 characters, part of the description will be truncated and appended.
  • Rules that exceed the maximum quantity are not registered due to rule quantity limits based on firewall size.

To retrieve the V1 firewall rules, follow these steps.

  1. All Services > Networking > Firewall Click the menu. 1. Navigate to the Service Home page of the Firewall.

  2. On the Service Home page, click the Migration Rules menu. 2. Go to the Migration Rules page.

  3. Select the rule information to retrieve from the Migration Rules page and click Done.

    CategoryDetailed description
    Original rule environmentSCP v1 (Vmware) Auto-select
    Applicable targetSelect the Firewall list in the account to which the transferred rule will be applied
    Get rulesClick the File Attachment button to upload the decrypted Firewall rule file
    • After decrypting and saving the rule file extracted from the original environment, upload
    Rule ListView uploaded Firewall rule file details
    • Move Up: Move the selected rule up in the list
    • Move Down: Move the selected rule down in the list
    • Delete: Delete the selected rule
    Rule locationSet the position of the selected firewall rule
    • After the last rule: Move the selected rule after the last rule
    • Set before the specified rule / Set after the specified rule: Enter the rule ID to move the selected rule before or after the specified rule
    Table. Migration Rules detailed items

  4. After the firewall rule transfer request is completed, verify that the transferred item has been added to the firewall list.

Modify the Firewall rule to be transferred

You can edit each item when retrieving rules created in the V1 environment of the Samsung Cloud Platform Console.

To edit the Firewall rules to be imported from V1, follow these steps.

  1. Click the All Services > Networking > Firewall menu. 1. Navigate to the Service Home page of the Firewall.

  2. On the Service Home page, click the Migration Rules menu. 2. Go to the Migration Rules page.

  3. Click Attach file in the rule import item to upload the Firewall rule file.

  4. In the rule list, click Edit for the rule item you want to modify.

    CategoryRequired or notDetailed description
    origin addressEssentialSource addresses to add to the rule
    • in CIDR (IP/Subnet Mask) format, using commas (,), ranges (-) to input multiple addresses, up to a maximum of 128 at once
    Destination addressEssentialSelect the type of destination address to add to the rule
    • IP: In CIDR (IP/Subnet Mask) format, you can enter multiple addresses at once using commas (,) and ranges (-), up to a maximum of 128.
    • Domain: In FQDN format, you can enter up to 128 full domain names at once using commas (,).
    • The type items vary depending on the selected destination address format.
    typeRequiredSelect protocol type to which the rule will be applied
    • Select destination port/Type: Select protocol type
    • Internet Protocol: Enter protocol numbers, up to 128 entries allowed
    • All: Select destination port/Type and protocol for the entire range, meaning all ports for all protocols
    Type > ProtocolRequiredSelect detailed protocol for the type
    • Select the desired protocol among TCP, UDP, and ICMP; input fields vary depending on the selected protocol
    • When ICMP is selected in the protocol, you can set the ICMP Type
      • Select a commonly used Type, such as Echo, from the values defined for ICMP Type
      • Click the Add button to add an input value
    • When TCP/UDP is selected in the protocol, you can select allowed ports such as SSH, HTTP, TELNET, etc.
      • When entering manually, you can input values from 1 to 65535, and you can enter up to 128 entries at once using commas (,) or ranges (-)
      • Click the Add button to add an input value
    • When Internet Protocol is selected in the type 1 - 254Enter the protocol number within the range
    OperationRequiredTraffic allow/block classification by rule
    • Allow: Allow traffic when it matches the rule
    • Deny: Block traffic when it matches the rule
    DirectionEssentialFirewall standard traffic direction
    • Inbound: external → internal
    • Outbound: internal → external
    Active statusRequiredSet rule activation status
    • If disabled, the rule does not execute
    ExplanationSelectionAdditional description written by the user
    Table. Detailed items of the Firewall rule edit window

  5. When the rule information edit is complete, click Confirm in the edit window.

  6. Review the modified rule information and click Done.

Firewall Logging
Release Note