I think you need to change the permissions on that review, as I cannot see it.<div><br></div><div>also, please file a bug on this and i'll target it to RC1, as we need to make sure we make a decision on this before grizzly. </div>
<div><br></div><div>dan</div><br><div class="gmail_quote">On Fri, Mar 1, 2013 at 3:27 AM, Tomoe Sugihara <span dir="ltr"><<a href="mailto:tomoe@midokura.com" target="_blank">tomoe@midokura.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi,<div class="gmail_extra"><br><div class="gmail_quote"><div class="im">On Wed, Feb 27, 2013 at 3:23 PM, Akihiro MOTOKI <span dir="ltr"><<a href="mailto:motoki@da.jp.nec.com" target="_blank">motoki@da.jp.nec.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">Hi,<br>
<br>
It is worth discussed at this timing since it becomes difficult to change<br>
security groups models and default rules once Grizzly Quantum is shipped.<br>
<br>
Personally I prefer to symmetric models and semantics both for ingress and egress.<br>
It helps users understand the behaivor of security groups easily.<br>
(Honestly I was a little confused at first.)<br>
<br>
It looks reasonable to me that all egress traffic is dropped if there is<br>
truly no rules and the ALL ALLOW rule will be created automatically to<br>
egress rule when any security group is created. From users view there is<br>
no default behavior change.<br></blockquote><div><br></div></div><div>I have just uploaded my draft change to add explicit rules:</div><div><a href="https://review.openstack.org/#/c/23264/" target="_blank">https://review.openstack.org/#/c/23264/</a><br>
</div><div><br></div><div>I'd appreciate any feedback.</div><div><br></div><div>Thanks,</div><div>Tomoe</div><div><br></div><div><br></div><div><br></div></div></div></div>
<br>_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br>~~~~~~~~~~~~~~~~~~~~~~~~~~~<br>Dan Wendlandt <div>Nicira, Inc: <a href="http://www.nicira.com" target="_blank">www.nicira.com</a><br><div>twitter: danwendlandt<br>
~~~~~~~~~~~~~~~~~~~~~~~~~~~<br></div></div>