[queens][neutron][fwaas_v2] PENDING_UPDATE

Donny Davis donny at fortnebula.com
Tue Mar 3 12:33:29 UTC 2020


I have never really used fwaas, but I do believe its targeted at routers.

Security groups already do firewalling for the vm ports



Donny Davis
c: 805 814 6800

On Tue, Mar 3, 2020, 5:15 AM Ignazio Cassano <ignaziocassano at gmail.com>
wrote:

> Hello All, I installed firewall v2 on queens based on centos 7.
> I create a firewall group policy and a firewall group rulle with that
> policy.
>
> The firewall results ACTIVE AND UP and INACTIVE
>
> When I ttry to apply the firewall group to an instance port :
> openstack  firewall group set --port c7c8be58-35de-47fe-87db-39bbd681db8b
> fwg1
>
> It does not works and goes in pending update status.
>
>
> L3 agent log reports:
> Could not load
> neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas_v2.IptablesFwaasDriver
>
> But the file esists
>
> I am using firewall_driver = openvswitch
>
> Please, whai is wrong ?
>
> I read Supports L2 firewalling (VM ports) was planned for ocata and I am
> on queens.
>
> Please, help me.
>
> Ignazio
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20200303/8f52726a/attachment.html>


More information about the openstack-discuss mailing list