neutron_fwaas.services.firewall.agents.l3reference package

neutron_fwaas.services.firewall.agents.l3reference package

Submodules

neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent module

class neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent.FWaaSL3AgentExtension(host, conf)

Bases: neutron_lib.agent.l3_extension.L3AgentExtension

FWaaS Agent support to be used by Neutron L3 agent.

SUPPORTED_RESOURCE_TYPES = [<class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallGroup'>, <class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallPolicy'>, <class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallRuleV2'>]
add_router(context, new_router)

On router add, get fw with rules from plugin and update driver.

Handles agent restart, when a router is added, query the plugin to check if this router is in the router list for any firewall. If so install firewall rules on this router.

consume_api(agent_api)
create_firewall(*args, **kwargs)

Handle Rpc from plugin to create a firewall.

delete_firewall(*args, **kwargs)

Handle Rpc from plugin to delete a firewall.

delete_router(context, new_router)

Handles router deletion. There is basically nothing to do for this in the context of FWaaS with an IPTables driver; the namespace will already have been deleted, taking the IPTables rules with it.

initialize(connection, driver_type)
process_services_sync(ctx)
start_rpc_listeners(conf)
update_firewall(*args, **kwargs)

Handle Rpc from plugin to update a firewall.

update_router(context, updated_router)

The update_router method is just a synonym for add_router

class neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent.FWaaSL3PluginApi(topic, host)

Bases: neutron_fwaas.services.firewall.agents.firewall_agent_api.FWaaSPluginApiMixin

Agent side of the FWaaS agent to FWaaS Plugin RPC API.

get_firewalls_for_tenant(context, **kwargs)

Get the Firewalls with rules from the Plugin to send to driver.

get_tenants_with_firewalls(context, **kwargs)

Get all Tenants that have Firewalls configured from plugin.

class neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent.L3WithFWaaS(conf=None)

Bases: neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent.FWaaSL3AgentExtension

neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent_v2 module

class neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent_v2.FWaaSL3AgentExtension(host, conf)

Bases: neutron_lib.agent.l3_extension.L3AgentExtension

FWaaS agent extension.

SUPPORTED_RESOURCE_TYPES = [<class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallGroup'>, <class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallPolicy'>, <class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallRuleV2'>]
add_router(context, new_router)

Handles agent restart and router add. Fetches firewall groups from plugin and updates driver.

consume_api(agent_api)
create_firewall_group(*args, **kwargs)

Handles RPC from plugin to create a firewall group.

delete_firewall_group(*args, **kwargs)

Handles RPC from plugin to delete a firewall group.

delete_router(context, new_router)

Handles router deletion. There is basically nothing to do for this in the context of FWaaS with an IPTables driver; the namespace will already have been deleted, taking the IPTables rules with it.

initialize(connection, driver_type)
process_services_sync(ctx)

Syncs with plugin and applies the sync data.

start_rpc_listeners(host, conf)
update_firewall_group(*args, **kwargs)

Handles RPC from plugin to update a firewall group.

update_router(context, updated_router)

Handles agent restart and router add. Fetches firewall groups from plugin and updates driver.

class neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent_v2.FWaaSL3PluginApi(topic, host)

Bases: neutron_fwaas.services.firewall.agents.firewall_agent_api.FWaaSPluginApiMixin

Agent side of the FWaaS agent-to-plugin RPC API.

firewall_group_deleted(context, fwg_id, **kwargs)

Notifies the plugin that a firewall group has been deleted.

get_firewall_groups_for_project(context, **kwargs)

Fetches a project’s firewall groups from the plugin.

get_projects_with_firewall_groups(context, **kwargs)

Fetches from the plugin all projects that have firewall groups configured.

set_firewall_group_status(context, fwg_id, status, **kwargs)

Sets firewall group’s status on the plugin.

class neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent_v2.L3WithFWaaS(conf=None)

Bases: neutron_fwaas.services.firewall.agents.l3reference.firewall_l3_agent_v2.FWaaSL3AgentExtension

Module contents

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.