Comment 1 for bug 1842008

We have the basis for this functionality in the agent already, but it's not (yet) used when creating security groups, ie it just needs to be wired up.

eg
$ juju set-firewall-rule ssh --whitelist 192.168.1.0/8,10.10.1.0/8

The other options are "juju-controller" and "juju-application-offer"

eg
juju set-firewall-rule juju-controller --whitelist 192.168.1.0/8
juju set-firewall-rule juju-application-offer --whitelist 192.168.1.0/8

The "juju-controller" rule is meant to limit client connections to the controller.

The "juju-application-offer" rule is the only one currently supported fully - it is used to limit cross model consumer connections to offered applications.