[openstack-dev] [neutron] [fwaas] Proposal for the evolution of the FWaaS API

Miguel Lavalle miguel at mlavalle.com
Thu May 10 17:03:36 UTC 2018


As discussed during the weekly FWaaS IRC meeting, there is a new proposal
for the evolution of the FWaaS API here:

This proposal is based on the current FWaaS V2.0 API as documented here:
The key additional features proposed are:

   1. Firewall groups not only associate with ports but also with subnets,
   other firewall groups and dynamic rules. A list of excluded ports can be
   2. Dynamic rules make possible the association with Nova instances by
   security tags and VM names
   3. Source and destination address groups can be lists
   4. A re-direct action in firewall rules
   5. Priority attribute in firewall policies
   6. A default rule resource

The agreement in the meeting was for the team to help identify the areas
where there is incremental features in the proposal compared to what is
currently in place plus the what is being already planned for
implementation. A spec will be developed based on that increment. We will
meet in Vancouver to continue the conversation face to face

Best regards

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20180510/96dbb24e/attachment.html>

More information about the OpenStack-dev mailing list