On 07/17/15 03:17, Yan Xing'an wrote:
For example, in usecase of VM is a LVS (Linux Virtual Server),
to make any client's ip outgoing, we need configure allowed_address_pairs to
0.0.0.0/0,
or disable security-group on port by setting "port-security-enable" false.
After that, mac-level rules
On Thu, Jul 16, 2015 at 08:59:19PM PDT, Richard Woo wrote:
> Sean, I agreed with you. But after I read Yan's user case. I think the
> FWaaS API may become too complex for that case.
Can you expand on this? I'd like to know more since if the FwaaS API is
too complex we need to take steps to improve
Sean, I agreed with you. But after I read Yan's user case. I think the
FWaaS API may become too complex for that case.
By extending security group is better option.
On Thu, Jul 16, 2015 at 11:48 AM, Sean M. Collins
wrote:
> On Tue, Jul 14, 2015 at 03:31:49AM PDT, Kevin Benton wrote:
> > Unfort
her VMs.
Does anyone else has other usecase?
Yan Xing'an
From: Daniel Comnea
Date: 2015-07-15 14:14
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [neutron][security-group] rules for filter
mac-addresses
Can i understand the use case for tha
On Tue, Jul 14, 2015 at 03:31:49AM PDT, Kevin Benton wrote:
> Unfortunately the security groups API does not have mac-level rules right
> now.
There is also the fact that the Security Group API is limited (by
design) to do fairly simple things, and also that the model has similar
fields to the AWS
15-07-14 18:31
> *To:* OpenStack Development Mailing List (not for usage questions)
>
> *Subject:* Re: [openstack-dev] [neutron][security-group] rules for filter
> mac-addresses
> Unfortunately the security groups API does not have mac-level rules right
> now.
>
> On Tue, Jul 14
*To:* OpenStack Development Mailing List (not for usage questions)
>
> *Subject:* Re: [openstack-dev] [neutron][security-group] rules for filter
> mac-addresses
> Unfortunately the security groups API does not have mac-level rules right
> now.
>
> On Tue, Jul 14, 2015 a
t for usage questions)
Subject: Re: [openstack-dev] [neutron][security-group] rules for filter
mac-addresses
Unfortunately the security groups API does not have mac-level rules right now.
On Tue, Jul 14, 2015 at 2:17 AM, yan_xing...@163.com
wrote:
Hi, all:
Here is a requirement: deny/permit inc
Unfortunately the security groups API does not have mac-level rules right
now.
On Tue, Jul 14, 2015 at 2:17 AM, yan_xing...@163.com
wrote:
> Hi, all:
>
> Here is a requirement: deny/permit incoming packets on VM by mac addresses,
> I have tried to find better method than modifying neutron code,
Hi, all:
Here is a requirement: deny/permit incoming packets on VM by mac addresses,
I have tried to find better method than modifying neutron code, but failed.
Any suggesion is grateful. Thank you.
Yan.
yan_xing...@163.com
__
10 matches
Mail list logo
