neutron_fwaas.services.firewall.service_drivers.agents.drivers.linux.iptables_fwaas_v2 module

neutron_fwaas.services.firewall.service_drivers.agents.drivers.linux.iptables_fwaas_v2 module

neutron_fwaas.services.firewall.service_drivers.agents.drivers.linux.iptables_fwaas_v2.CHAIN_NAME_PREFIX = {'egress': 'o', 'ingress': 'i'}

Firewall rules are applied on internal-interfaces of Neutron router. The packets ingressing tenant’s network will be on the output direction on internal-interfaces.

class neutron_fwaas.services.firewall.service_drivers.agents.drivers.linux.iptables_fwaas_v2.IptablesFwaasDriver

Bases: neutron_fwaas.services.firewall.service_drivers.agents.drivers.fwaas_base_v2.FwaasDriverBase

IPTables driver for Firewall As A Service.

apply_default_policy(agent_mode, apply_list, firewall)

Apply the default policy on all trusted interfaces.

Remove current policy and apply the default policy on all trusted interfaces.

create_firewall_group(agent_mode, apply_list, firewall)

Create the Firewall with default (drop all) policy.

The default policy will be applied on all the interfaces of trusted zone.

delete_firewall_group(agent_mode, apply_list, firewall)

Delete firewall.

Removes all policies created by this instance and frees up all the resources.

update_firewall_group(agent_mode, apply_list, firewall)

Apply the policy on all trusted interfaces.

Remove previous policy and apply the new policy on all trusted interfaces.

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.