this is called FWaaS v2.
** Changed in: neutron
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1592005
Title:
[RFE] Security-groups that blocks matched traffic
Status in neutron:
Won't Fix
Bug description:
Neutron security-group allow the user to define security groups so that only
traffic matched with security group rules are allowed.
Sometimes it’s simpler to define these rules as blocking rules which matched
on traffic that should not be allowed (e.g - allow all traffic except ssh).
Supporting both ‘deny’ and ‘allow’ rules combined in one security-group may
impair the simplicity of the security-group API, therefore, we'd like to
consider the option of allowing a new type of security-group, one which all
rules implicit action is 'deny'.
This group should be constructed as any other security-group (by creating
rules and assigning to ports).
A Neutron port then could be associated with one or more of both
security-group types.
For each port, ’deny’ rules (when port is associated with one or more
"deny" security group) will always be matched before ‘allow’ rules.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1592005/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
