From fd5fd924d152338204fcf69673fedd31a3904977 Mon Sep 17 00:00:00 2001
From: Richard Theis <rtheis@us.ibm.com>
Date: Fri, 15 Apr 2016 07:36:43 -0500
Subject: Additional network protocol support

Add the following network protocol support to the
"os security group rule create" command:
  - Add "--icmp-type" and "--icmp-code" options
    for Network v2 only. These options can be used to set
    the ICMP type and code for ICMP IP protocols.
  - Change the "--proto" option to "--protocol". Using the
    "--proto" option is still supported, but is no longer
    documented and may be deprecated in a future release.
  - Add the following Network v2 IP protocols to the
    "--protocol" option: "ah", "dccp", "egp", "esp", "gre",
    "igmp", "ipv6-encap", "ipv6-frag", "ipv6-icmp",
    "ipv6-nonxt", "ipv6-opts", "ipv6-route", "ospf", "pgm",
    "rsvp", "sctp", "udplite", "vrrp" and integer
    representations [0-255].

The "os security group rule list" command now supports
displaying the ICMP type and code for security group rules
with the ICMP IP protocols.

Change-Id: Ic84bc92bc7aa5ac08f6ef91660eb6c125a200eb3
Closes-Bug: #1519512
Implements: blueprint neutron-client
---
 doc/source/command-objects/security-group-rule.rst | 42 +++++++++++++++++-----
 1 file changed, 33 insertions(+), 9 deletions(-)

(limited to 'doc/source/command-objects')

diff --git a/doc/source/command-objects/security-group-rule.rst b/doc/source/command-objects/security-group-rule.rst
index b0ac3c94..97cce35c 100644
--- a/doc/source/command-objects/security-group-rule.rst
+++ b/doc/source/command-objects/security-group-rule.rst
@@ -16,18 +16,14 @@ Create a new security group rule
 .. code:: bash
 
     os security group rule create
-        [--proto <proto>]
         [--src-ip <ip-address> | --src-group <group>]
-        [--dst-port <port-range>]
+        [--dst-port <port-range> | [--icmp-type <icmp-type> [--icmp-code <icmp-code>]]]
+        [--protocol <protocol>]
         [--ingress | --egress]
         [--ethertype <ethertype>]
         [--project <project> [--project-domain <project-domain>]]
         <group>
 
-.. option:: --proto <proto>
-
-    IP protocol (icmp, tcp, udp; default: tcp)
-
 .. option:: --src-ip <ip-address>
 
     Source IP address block
@@ -39,8 +35,35 @@ Create a new security group rule
 
 .. option:: --dst-port <port-range>
 
-    Destination port, may be a single port or port range: 137:139
-    (only required for IP protocols tcp and udp)
+    Destination port, may be a single port or a starting and
+    ending port range: 137:139. Required for IP protocols TCP
+    and UDP. Ignored for ICMP IP protocols.
+
+.. option:: --icmp-type <icmp-type>
+
+    ICMP type for ICMP IP protocols
+
+    *Network version 2 only*
+
+.. option:: --icmp-code <icmp-code>
+
+    ICMP code for ICMP IP protocols
+
+    *Network version 2 only*
+
+.. option:: --protocol <protocol>
+
+    IP protocol (icmp, tcp, udp; default: tcp)
+
+    *Compute version 2*
+
+    IP protocol (ah, dccp, egp, esp, gre, icmp, igmp,
+    ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt,
+    ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp,
+    udp, udplite, vrrp and integer representations [0-255];
+    default: tcp)
+
+    *Network version 2*
 
 .. option:: --ingress
 
@@ -56,7 +79,8 @@ Create a new security group rule
 
 .. option:: --ethertype <ethertype>
 
-    Ethertype of network traffic (IPv4, IPv6; default: IPv4)
+    Ethertype of network traffic
+    (IPv4, IPv6; default: based on IP protocol)
 
     *Network version 2 only*
 
-- 
cgit v1.2.1